dos4dev/kube
1
0
Fork 0
forked from k-space/kube
Code Pull Requests Activity
Files
f7f7d52e7070012a46b20b9c6a3239cf21d9a573
kube/wildduck/zonemta.yaml

160 lines
4.1 KiB
YAML
Raw Blame History

---
apiVersion: v1
kind: ConfigMap
metadata:
name: zonemta
namespace: wildduck
data:
pools.toml: |-
[[default]]
address="0.0.0.0"
name="mail.k-space.ee"
plugin-wildduck.toml: |-
[wildduck]
enabled=["receiver", "sender"]
interfaces=["feeder"]
hostname="mail.k-space.ee"
authlogExpireDays=30
[wildduck.srs]
enabled=true
rewriteDomain="k-space.ee"
zonemta.toml: |-
[log]
level="info"
[smtpInterfaces.feeder]
key="/cert/tls.key"
cert="/cert/tls.crt"
port=9465
host="0.0.0.0"
secure=true
processes=1
authentication = true
maxRecipients=100
starttls=false
[plugins]
# @include "plugin-wildduck.toml"
[pools]
# @include "pools.toml"
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: zonemta
spec:
strategy:
type: Recreate
replicas: 2
selector:
matchLabels:
app.kubernetes.io/name: wildduck
app.kubernetes.io/component: zonemta
template:
metadata:
labels:
app.kubernetes.io/name: wildduck
app.kubernetes.io/component: zonemta
spec:
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- wildduck
- key: app.kubernetes.io/component
operator: In
values:
- zonemta
topologyKey: topology.kubernetes.io/zone
podAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- wildduck
- key: app.kubernetes.io/component
operator: In
values:
- wildduck
topologyKey: kubernetes.io/hostname
containers:
- name: zonemta
image: mirror.gcr.io/codemowers/wildduck-zonemta-outbound:latest@sha256:d19d92adc4325ee812ff75060f789012eba487f2bd50efa219f3f0b799636a7b
imagePullPolicy: IfNotPresent
command:
- /sbin/tini
- --
- node
- index.js
- --config
- /etc/zonemta/zonemta.toml
ports:
- containerPort: 9465
name: zonemta-msa
- containerPort: 10280
name: api
securityContext:
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
resources:
limits:
cpu: 500m
memory: 500Mi
requests:
cpu: 50m
memory: 200Mi
env:
- name: APPCONF_plugins_wildduck_srs_secret
valueFrom:
secretKeyRef:
name: srs
key: secret
- name: APPCONF_dbs_sender
value: wildduck
- name: APPCONF_dbs_mongo
valueFrom:
secretKeyRef:
name: wildduck-mongodb
key: MONGO_URI
- name: APPCONF_dbs_redis
valueFrom:
secretKeyRef:
name: session-storage
key: REDIS_WILDDUCK_URI
volumeMounts:
- name: cert
mountPath: /cert
- name: zonemta-config
mountPath: /etc/zonemta
readOnly: true
volumes:
- name: zonemta-config
projected:
sources:
- configMap:
name: zonemta
- name: cert
secret:
secretName: wildduck-tls
---
# apiVersion: networking.k8s.io/v1
# kind: NetworkPolicy
# metadata:
# name: zonemta
# spec:
# podSelector:
# matchLabels:
# app.kubernetes.io/name: wildduck
# app.kubernetes.io/component: zonemta
# policyTypes:
# - Ingress
# ingress:
# - ports:
# - port: 9465
View Git Blame Copy Permalink