wildduck: Cleanups

This commit is contained in:
Lauri Võsandi 2024-08-15 09:37:24 +03:00
parent bbf421df63
commit b3f1eb069f
8 changed files with 75 additions and 130 deletions

View File

@ -19,8 +19,8 @@ spec:
image: mirror.gcr.io/clamav/clamav:1.1 image: mirror.gcr.io/clamav/clamav:1.1
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
ports: ports:
- containerPort: 3310 - containerPort: 3310
name: api name: api
volumeMounts: volumeMounts:
- mountPath: /var/lib/clamav - mountPath: /var/lib/clamav
name: avdata name: avdata
@ -41,5 +41,5 @@ spec:
selector: selector:
app.kubernetes.io/name: clamav app.kubernetes.io/name: clamav
ports: ports:
- port: 3310 - port: 3310
name: clamav name: clamav

View File

@ -5,13 +5,13 @@ metadata:
name: wildduck-mx name: wildduck-mx
spec: spec:
endpoints: endpoints:
- dnsName: k-space.ee - dnsName: k-space.ee
recordTTL: 300 recordTTL: 300
recordType: MX recordType: MX
targets: targets:
- "10 mail.k-space.ee" - "10 mail.k-space.ee"
- dnsName: k-space.ee - dnsName: k-space.ee
recordTTL: 300 recordTTL: 300
recordType: TXT recordType: TXT
targets: targets:
- "v=spf1 mx include:servers.mcsv.net -all" - "v=spf1 mx include:servers.mcsv.net -all"

View File

@ -13,12 +13,12 @@ spec:
selector: selector:
app.kubernetes.io/name: wildduck app.kubernetes.io/name: wildduck
ports: ports:
- port: 993 - port: 993
name: wildduck-mda name: wildduck-mda
targetPort: wildduck-mda targetPort: wildduck-mda
- port: 465 - port: 465
name: zonemta-msa name: zonemta-msa
targetPort: zonemta-msa targetPort: zonemta-msa
- port: 25 - port: 25
name: haraka-mta name: haraka-mta
targetPort: haraka-mta targetPort: haraka-mta

View File

@ -75,5 +75,5 @@ spec:
selector: selector:
app.kubernetes.io/name: rspamd app.kubernetes.io/name: rspamd
ports: ports:
- port: 11333 - port: 11333
name: rspamd name: rspamd

28
wildduck/sessions.yaml Normal file
View File

@ -0,0 +1,28 @@
---
apiVersion: codemowers.cloud/v1beta1
kind: SecretClaim
metadata:
name: dragonfly-auth
spec:
size: 32
mapping:
- key: password
value: "%(plaintext)s"
- key: REDIS_WILDDUCK_URI
value: "redis://:%(plaintext)s@dragonfly/1"
- key: REDIS_WILDFLOCK_URI
value: "redis://:%(plaintext)s@dragonfly/2"
---
apiVersion: dragonflydb.io/v1alpha1
kind: Dragonfly
metadata:
name: dragonfly
spec:
authentication:
passwordFromSecret:
key: password
name: dragonfly-auth
replicas: 3
resources:
limits:
memory: 1Gi

View File

@ -1,13 +1,3 @@
# ---
# Commented out by argocd config drift
#
# apiVersion: codemowers.cloud/v1beta1
# kind: RedisClaim
# metadata:
# name: webmail
# spec:
# class: ephemeral
# capacity: 100Mi
--- ---
apiVersion: codemowers.cloud/v1beta1 apiVersion: codemowers.cloud/v1beta1
kind: OIDCMiddlewareClient kind: OIDCMiddlewareClient
@ -116,9 +106,9 @@ spec:
selector: selector:
app.kubernetes.io/name: webmail app.kubernetes.io/name: webmail
ports: ports:
- protocol: TCP - protocol: TCP
port: 80 port: 80
targetPort: 3000 targetPort: 3000
--- ---
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
@ -133,19 +123,19 @@ metadata:
external-dns.alpha.kubernetes.io/target: traefik.k-space.ee external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
spec: spec:
rules: rules:
- host: webmail.k-space.ee - host: webmail.k-space.ee
http: http:
paths: paths:
- pathType: Prefix - pathType: Prefix
path: "/" path: "/"
backend: backend:
service: service:
name: webmail name: webmail
port: port:
number: 80 number: 80
tls: tls:
- hosts: - hosts:
- "*.k-space.ee" - "*.k-space.ee"
--- ---
apiVersion: traefik.io/v1alpha1 apiVersion: traefik.io/v1alpha1
kind: Middleware kind: Middleware
@ -156,24 +146,3 @@ spec:
regex: ^https://webmail.k-space.ee/$ regex: ^https://webmail.k-space.ee/$
replacement: https://webmail.k-space.ee/webmail/ replacement: https://webmail.k-space.ee/webmail/
permanent: false permanent: false
# ---
# apiVersion: networking.k8s.io/v1
# kind: NetworkPolicy
# metadata:
# name: webmail
# spec:
# podSelector:
# matchLabels:
# app.kubernetes.io/name: webmail
# policyTypes:
# - Ingress
# ingress:
# - ports:
# - port: 3000
# from:
# - namespaceSelector:
# matchLabels:
# kubernetes.io/metadata.name: traefik
# podSelector:
# matchLabels:
# app.kubernetes.io/name: traefik

View File

@ -1,30 +1,4 @@
--- ---
apiVersion: codemowers.cloud/v1beta1
kind: SecretClaim
metadata:
name: dragonfly-auth
spec:
size: 32
mapping:
- key: password
value: "%(plaintext)s"
- key: REDIS_URI
value: "redis://:%(plaintext)s@dragonfly"
---
apiVersion: dragonflydb.io/v1alpha1
kind: Dragonfly
metadata:
name: dragonfly
spec:
authentication:
passwordFromSecret:
key: password
name: dragonfly-auth
replicas: 3
resources:
limits:
memory: 5Gi
---
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
@ -119,7 +93,7 @@ spec:
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: dragonfly-auth name: dragonfly-auth
key: REDIS_URI key: REDIS_WILDDUCK_URI
volumeMounts: volumeMounts:
- mountPath: /cert - mountPath: /cert
name: cert name: cert

View File

@ -96,8 +96,8 @@ spec:
- name: REDIS_URL - name: REDIS_URL
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: dragonfly-wildflock-auth name: dragonfly-auth
key: REDIS_URI key: REDIS_WILDFLOCK_URI
- name: CLIENT_URL - name: CLIENT_URL
value: https://wildflock.k-space.ee value: https://wildflock.k-space.ee
- name: WILDDUCK_DOMAIN - name: WILDDUCK_DOMAIN
@ -120,48 +120,22 @@ spec:
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
key: OIDC_IDP_URI key: OIDC_IDP_URI
name: oidc-client-wildflock-owner-secrets name: oidc-client-wildflock-owner-secrets
- name: OIDC_GATEWAY_AUTH_URI - name: OIDC_GATEWAY_AUTH_URI
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
key: OIDC_IDP_AUTH_URI key: OIDC_IDP_AUTH_URI
name: oidc-client-wildflock-owner-secrets name: oidc-client-wildflock-owner-secrets
- name: OIDC_GATEWAY_TOKEN_URI - name: OIDC_GATEWAY_TOKEN_URI
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
key: OIDC_IDP_TOKEN_URI key: OIDC_IDP_TOKEN_URI
name: oidc-client-wildflock-owner-secrets name: oidc-client-wildflock-owner-secrets
- name: OIDC_GATEWAY_USERINFO_URI - name: OIDC_GATEWAY_USERINFO_URI
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
key: OIDC_IDP_USERINFO_URI key: OIDC_IDP_USERINFO_URI
name: oidc-client-wildflock-owner-secrets name: oidc-client-wildflock-owner-secrets
envFrom: envFrom:
- secretRef: - secretRef:
name: oidc-client-wildflock-owner-secrets name: oidc-client-wildflock-owner-secrets
---
apiVersion: codemowers.cloud/v1beta1
kind: SecretClaim
metadata:
name: dragonfly-wildflock-auth
spec:
size: 32
mapping:
- key: password
value: "%(plaintext)s"
- key: REDIS_URI
value: "redis://:%(plaintext)s@dragonfly-wildflock"
---
apiVersion: dragonflydb.io/v1alpha1
kind: Dragonfly
metadata:
name: dragonfly-wildflock
spec:
authentication:
passwordFromSecret:
key: password
name: dragonfly-wildflock-auth
replicas: 3
resources:
limits:
memory: 5Gi