k-space/kube
9
1
Fork 3
Code Issues 32 Pull Requests Activity
3f4d89b4b1
kube/wildduck/webmail.yaml

180 lines
4.0 KiB
YAML
Raw Normal View History

argo config drift: wildduck Change for apps/StatefulSet/wildduck/wildduck-operator caused by 2d25377090b14a339a54dfeb49b1f736c3d9c131 applied by ArgoCD: - serviceAccountName: codemowers-io-wildduck-operator + serviceAccountName: codemowers-cloud-wildduck-operator
2024-08-03 01:18:04 +00:00
# ---
# Commented out by argocd config drift
#
# apiVersion: codemowers.cloud/v1beta1
# kind: RedisClaim
# metadata:
# name: webmail
# spec:
# class: ephemeral
# capacity: 100Mi
Switch to Vanilla Redis
2023-07-30 08:55:17 +00:00
---
migrate to new passmower
2024-07-27 00:15:41 +00:00
apiVersion: codemowers.cloud/v1beta1
kind: OIDCMiddlewareClient
Deprecate Authelia
2023-07-28 09:21:50 +00:00
metadata:
name: webmail
spec:
displayName: Wildduck Webmail
uri: 'https://webmail.k-space.ee'
wildduck: Add ACL-s for webmail
2023-08-04 15:09:16 +00:00
allowedGroups:
- k-space:floor
- k-space:friends
Deprecate Authelia
2023-07-28 09:21:50 +00:00
headerMapping:
user: Remote-Username
---
Initial commit
2022-08-16 09:40:54 +00:00
apiVersion: v1
kind: ConfigMap
metadata:
name: webmail-config
namespace: wildduck
data:
www.toml: |-
[service]
identities=1
allowIdentityEdit=false
allowJoin=false
wildduck: Allow sending only from @k-space.ee address in webmail
2023-08-22 04:29:18 +00:00
domains=["k-space.ee"]
allowSendFromOtherDomains=false
Initial commit
2022-08-16 09:40:54 +00:00
[service.sso.http]
enabled = true
Deprecate Authelia
2023-07-28 09:21:50 +00:00
header = "Remote-Username"
fixup auth2 → auth rename
2024-08-02 22:45:57 +00:00
logoutRedirect = "https://auth.k-space.ee/" #TODO: host is not templated
Initial commit
2022-08-16 09:40:54 +00:00
[u2f]
enabled=false
[log]
level="info"
[setup.imap]
hostname="mail.k-space.ee"
secure=true
port=993
[setup.pop3]
hostname="mail.k-space.ee"
secure=true
port=995
[setup.smtp]
hostname="mail.k-space.ee"
secure=true
port=465
[api]
Migrate the rest of Wildduck stack
2023-08-24 16:53:07 +00:00
url="http://wildduck-api:8080"
Initial commit
2022-08-16 09:40:54 +00:00
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: webmail
namespace: wildduck
spec:
wildduck: Updates
2023-08-19 07:01:09 +00:00
revisionHistoryLimit: 0
wildduck: Switch to KeyDB
2022-08-28 08:08:52 +00:00
replicas: 2
Initial commit
2022-08-16 09:40:54 +00:00
selector:
matchLabels:
wildduck: Add network policies for ZoneMTA and webmail
2023-09-17 08:52:52 +00:00
app.kubernetes.io/name: webmail
Initial commit
2022-08-16 09:40:54 +00:00
template:
metadata:
labels:
wildduck: Add network policies for ZoneMTA and webmail
2023-09-17 08:52:52 +00:00
app.kubernetes.io/name: webmail
Initial commit
2022-08-16 09:40:54 +00:00
spec:
containers:
- name: webmail
wildduck: Use upstream image for Wildduck webmail
2023-08-04 15:06:57 +00:00
image: nodemailer/wildduck-webmail:latest
Initial commit
2022-08-16 09:40:54 +00:00
command:
- node
- server.js
- --config=/etc/wildduck/www.toml
securityContext:
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 65534
volumeMounts:
- name: webmail-config
mountPath: /etc/wildduck
readOnly: true
env:
- name: APPCONF_api_accessToken
valueFrom:
secretKeyRef:
name: wildduck
key: WILDDUCK_API_TOKEN
- name: APPCONF_dbs_redis
valueFrom:
secretKeyRef:
wildduck: migrate to dragonfly, disable network policies, upgrade wildduck-operator
2024-07-28 13:56:15 +00:00
name: dragonfly-auth
key: REDIS_URI
Initial commit
2022-08-16 09:40:54 +00:00
volumes:
- name: webmail-config
projected:
sources:
- configMap:
name: webmail-config
---
apiVersion: v1
kind: Service
metadata:
name: webmail
namespace: wildduck
spec:
selector:
wildduck: Add network policies for ZoneMTA and webmail
2023-09-17 08:52:52 +00:00
app.kubernetes.io/name: webmail
Initial commit
2022-08-16 09:40:54 +00:00
ports:
- protocol: TCP
port: 80
wildduck: Use upstream image for Wildduck webmail
2023-08-04 15:06:57 +00:00
targetPort: 3000
Initial commit
2022-08-16 09:40:54 +00:00
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: webmail
namespace: wildduck
annotations:
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.entrypoints: websecure
Migrate the rest of Wildduck stack
2023-08-24 16:53:07 +00:00
traefik.ingress.kubernetes.io/router.middlewares: wildduck-webmail@kubernetescrd,wildduck-webmail-redirect@kubernetescrd
Initial commit
2022-08-16 09:40:54 +00:00
traefik.ingress.kubernetes.io/router.tls: "true"
external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
spec:
rules:
- host: webmail.k-space.ee
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: webmail
port:
number: 80
tls:
- hosts:
Switch to wildcard *.k-space.ee certificate
2022-10-14 11:26:03 +00:00
- "*.k-space.ee"
Migrate the rest of Wildduck stack
2023-08-24 16:53:07 +00:00
---
traefik: upgrade to 3.1, migrate dashboard via ingressroute
2024-07-26 21:06:07 +00:00
apiVersion: traefik.io/v1alpha1
Migrate the rest of Wildduck stack
2023-08-24 16:53:07 +00:00
kind: Middleware
metadata:
name: webmail-redirect
spec:
redirectRegex:
regex: ^https://webmail.k-space.ee/$
replacement: https://webmail.k-space.ee/webmail/
permanent: false
argo config drift: wildduck Change for apps/StatefulSet/wildduck/wildduck-operator caused by 2d25377090b14a339a54dfeb49b1f736c3d9c131 applied by ArgoCD: - serviceAccountName: codemowers-io-wildduck-operator + serviceAccountName: codemowers-cloud-wildduck-operator
2024-08-03 01:18:04 +00:00
# ---
wildduck: migrate to dragonfly, disable network policies, upgrade wildduck-operator
2024-07-28 13:56:15 +00:00
# apiVersion: networking.k8s.io/v1
# kind: NetworkPolicy
# metadata:
# name: webmail
# spec:
# podSelector:
# matchLabels:
# app.kubernetes.io/name: webmail
# policyTypes:
# - Ingress
# ingress:
# - ports:
# - port: 3000
# from:
# - namespaceSelector:
# matchLabels:
# kubernetes.io/metadata.name: traefik
# podSelector:
# matchLabels:
# app.kubernetes.io/name: traefik
Reference in New Issue Copy Permalink