wildduck: Cleanups #42
@ -19,8 +19,8 @@ spec:
|
||||
image: mirror.gcr.io/clamav/clamav:1.1
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 3310
|
||||
name: api
|
||||
- containerPort: 3310
|
||||
name: api
|
||||
volumeMounts:
|
||||
- mountPath: /var/lib/clamav
|
||||
name: avdata
|
||||
@ -41,5 +41,5 @@ spec:
|
||||
selector:
|
||||
app.kubernetes.io/name: clamav
|
||||
ports:
|
||||
- port: 3310
|
||||
name: clamav
|
||||
- port: 3310
|
||||
name: clamav
|
||||
|
@ -5,13 +5,13 @@ metadata:
|
||||
name: wildduck-mx
|
||||
spec:
|
||||
endpoints:
|
||||
- dnsName: k-space.ee
|
||||
recordTTL: 300
|
||||
recordType: MX
|
||||
targets:
|
||||
- "10 mail.k-space.ee"
|
||||
- dnsName: k-space.ee
|
||||
recordTTL: 300
|
||||
recordType: TXT
|
||||
targets:
|
||||
- "v=spf1 mx include:servers.mcsv.net -all"
|
||||
- dnsName: k-space.ee
|
||||
recordTTL: 300
|
||||
recordType: MX
|
||||
targets:
|
||||
- "10 mail.k-space.ee"
|
||||
- dnsName: k-space.ee
|
||||
recordTTL: 300
|
||||
recordType: TXT
|
||||
targets:
|
||||
- "v=spf1 mx include:servers.mcsv.net -all"
|
||||
|
@ -177,8 +177,8 @@ spec:
|
||||
- name: REDIS_URI
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: dragonfly-auth
|
||||
key: REDIS_URI
|
||||
name: session-storage
|
||||
key: REDIS_WILDDUCK_URI
|
||||
- name: MONGO_URI
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
|
@ -13,12 +13,12 @@ spec:
|
||||
selector:
|
||||
app.kubernetes.io/name: wildduck
|
||||
ports:
|
||||
- port: 993
|
||||
name: wildduck-mda
|
||||
targetPort: wildduck-mda
|
||||
- port: 465
|
||||
name: zonemta-msa
|
||||
targetPort: zonemta-msa
|
||||
- port: 25
|
||||
name: haraka-mta
|
||||
targetPort: haraka-mta
|
||||
- port: 993
|
||||
name: wildduck-mda
|
||||
targetPort: wildduck-mda
|
||||
- port: 465
|
||||
name: zonemta-msa
|
||||
targetPort: zonemta-msa
|
||||
- port: 25
|
||||
name: haraka-mta
|
||||
targetPort: haraka-mta
|
||||
|
@ -75,5 +75,5 @@ spec:
|
||||
selector:
|
||||
app.kubernetes.io/name: rspamd
|
||||
ports:
|
||||
- port: 11333
|
||||
name: rspamd
|
||||
- port: 11333
|
||||
name: rspamd
|
||||
|
50
wildduck/session-storage.yaml
Normal file
50
wildduck/session-storage.yaml
Normal file
@ -0,0 +1,50 @@
|
||||
---
|
||||
apiVersion: codemowers.cloud/v1beta1
|
||||
kind: SecretClaim
|
||||
metadata:
|
||||
name: session-storage
|
||||
spec:
|
||||
size: 32
|
||||
mapping:
|
||||
- key: password
|
||||
value: "%(plaintext)s"
|
||||
- key: REDIS_WILDDUCK_URI
|
||||
value: "redis://:%(plaintext)s@session-storage/1"
|
||||
- key: REDIS_WEBMAIL_URI
|
||||
value: "redis://:%(plaintext)s@session-storage/2"
|
||||
- key: REDIS_WILDFLOCK_URI
|
||||
value: "redis://:%(plaintext)s@session-storage/2"
|
||||
---
|
||||
apiVersion: dragonflydb.io/v1alpha1
|
||||
kind: Dragonfly
|
||||
metadata:
|
||||
name: session-storage
|
||||
spec:
|
||||
authentication:
|
||||
passwordFromSecret:
|
||||
key: password
|
||||
name: session-storage
|
||||
replicas: 3
|
||||
resources:
|
||||
limits:
|
||||
memory: 1Gi
|
||||
topologySpreadConstraints:
|
||||
- maxSkew: 1
|
||||
topologyKey: topology.kubernetes.io/zone
|
||||
whenUnsatisfiable: DoNotSchedule
|
||||
labelSelector:
|
||||
matchLabels:
|
||||
app: session-storage
|
||||
app.kubernetes.io/part-of: dragonfly
|
||||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: PodMonitor
|
||||
metadata:
|
||||
name: session-storage
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: session-storage
|
||||
app.kubernetes.io/part-of: dragonfly
|
||||
podMetricsEndpoints:
|
||||
- port: admin
|
@ -1,13 +1,3 @@
|
||||
# ---
|
||||
# Commented out by argocd config drift
|
||||
#
|
||||
# apiVersion: codemowers.cloud/v1beta1
|
||||
# kind: RedisClaim
|
||||
# metadata:
|
||||
# name: webmail
|
||||
# spec:
|
||||
# class: ephemeral
|
||||
# capacity: 100Mi
|
||||
---
|
||||
apiVersion: codemowers.cloud/v1beta1
|
||||
kind: OIDCMiddlewareClient
|
||||
@ -98,8 +88,8 @@ spec:
|
||||
- name: APPCONF_dbs_redis
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: dragonfly-auth
|
||||
key: REDIS_URI
|
||||
name: session-storage
|
||||
key: REDIS_WEBMAIL_URI
|
||||
volumes:
|
||||
- name: webmail-config
|
||||
projected:
|
||||
@ -116,9 +106,9 @@ spec:
|
||||
selector:
|
||||
app.kubernetes.io/name: webmail
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 80
|
||||
targetPort: 3000
|
||||
- protocol: TCP
|
||||
port: 80
|
||||
targetPort: 3000
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
@ -133,19 +123,19 @@ metadata:
|
||||
external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
|
||||
spec:
|
||||
rules:
|
||||
- host: webmail.k-space.ee
|
||||
http:
|
||||
paths:
|
||||
- pathType: Prefix
|
||||
path: "/"
|
||||
backend:
|
||||
service:
|
||||
name: webmail
|
||||
port:
|
||||
number: 80
|
||||
- host: webmail.k-space.ee
|
||||
http:
|
||||
paths:
|
||||
- pathType: Prefix
|
||||
path: "/"
|
||||
backend:
|
||||
service:
|
||||
name: webmail
|
||||
port:
|
||||
number: 80
|
||||
tls:
|
||||
- hosts:
|
||||
- "*.k-space.ee"
|
||||
- hosts:
|
||||
- "*.k-space.ee"
|
||||
---
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: Middleware
|
||||
@ -156,24 +146,3 @@ spec:
|
||||
regex: ^https://webmail.k-space.ee/$
|
||||
replacement: https://webmail.k-space.ee/webmail/
|
||||
permanent: false
|
||||
# ---
|
||||
# apiVersion: networking.k8s.io/v1
|
||||
# kind: NetworkPolicy
|
||||
# metadata:
|
||||
# name: webmail
|
||||
# spec:
|
||||
# podSelector:
|
||||
# matchLabels:
|
||||
# app.kubernetes.io/name: webmail
|
||||
# policyTypes:
|
||||
# - Ingress
|
||||
# ingress:
|
||||
# - ports:
|
||||
# - port: 3000
|
||||
# from:
|
||||
# - namespaceSelector:
|
||||
# matchLabels:
|
||||
# kubernetes.io/metadata.name: traefik
|
||||
# podSelector:
|
||||
# matchLabels:
|
||||
# app.kubernetes.io/name: traefik
|
||||
|
@ -1,30 +1,4 @@
|
||||
---
|
||||
apiVersion: codemowers.cloud/v1beta1
|
||||
kind: SecretClaim
|
||||
metadata:
|
||||
name: dragonfly-auth
|
||||
spec:
|
||||
size: 32
|
||||
mapping:
|
||||
- key: password
|
||||
value: "%(plaintext)s"
|
||||
- key: REDIS_URI
|
||||
value: "redis://:%(plaintext)s@dragonfly"
|
||||
---
|
||||
apiVersion: dragonflydb.io/v1alpha1
|
||||
kind: Dragonfly
|
||||
metadata:
|
||||
name: dragonfly
|
||||
spec:
|
||||
authentication:
|
||||
passwordFromSecret:
|
||||
key: password
|
||||
name: dragonfly-auth
|
||||
replicas: 3
|
||||
resources:
|
||||
limits:
|
||||
memory: 5Gi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
@ -118,8 +92,8 @@ spec:
|
||||
- name: APPCONF_dbs_redis
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: dragonfly-auth
|
||||
key: REDIS_URI
|
||||
name: session-storage
|
||||
key: REDIS_WILDDUCK_URI
|
||||
volumeMounts:
|
||||
- mountPath: /cert
|
||||
name: cert
|
||||
|
@ -96,8 +96,8 @@ spec:
|
||||
- name: REDIS_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: dragonfly-wildflock-auth
|
||||
key: REDIS_URI
|
||||
name: session-storage
|
||||
key: REDIS_WILDFLOCK_URI
|
||||
- name: CLIENT_URL
|
||||
value: https://wildflock.k-space.ee
|
||||
- name: WILDDUCK_DOMAIN
|
||||
@ -139,29 +139,3 @@ spec:
|
||||
envFrom:
|
||||
- secretRef:
|
||||
name: oidc-client-wildflock-owner-secrets
|
||||
---
|
||||
apiVersion: codemowers.cloud/v1beta1
|
||||
kind: SecretClaim
|
||||
metadata:
|
||||
name: dragonfly-wildflock-auth
|
||||
spec:
|
||||
size: 32
|
||||
mapping:
|
||||
- key: password
|
||||
value: "%(plaintext)s"
|
||||
- key: REDIS_URI
|
||||
value: "redis://:%(plaintext)s@dragonfly-wildflock"
|
||||
---
|
||||
apiVersion: dragonflydb.io/v1alpha1
|
||||
kind: Dragonfly
|
||||
metadata:
|
||||
name: dragonfly-wildflock
|
||||
spec:
|
||||
authentication:
|
||||
passwordFromSecret:
|
||||
key: password
|
||||
name: dragonfly-wildflock-auth
|
||||
replicas: 3
|
||||
resources:
|
||||
limits:
|
||||
memory: 5Gi
|
||||
|
@ -125,8 +125,8 @@ spec:
|
||||
- name: APPCONF_dbs_redis
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: dragonfly-auth
|
||||
key: REDIS_URI
|
||||
name: session-storage
|
||||
key: REDIS_WILDDUCK_URI
|
||||
volumeMounts:
|
||||
- name: cert
|
||||
mountPath: /cert
|
||||
|
Loading…
Reference in New Issue
Block a user