--- apiVersion: v1 kind: Service metadata: name: wildduck-api spec: selector: app.kubernetes.io/name: wildduck app.kubernetes.io/component: wildduck ports: - port: 8080 name: wildduck-api --- apiVersion: apps/v1 kind: Deployment metadata: name: wildduck spec: strategy: type: Recreate replicas: 2 selector: matchLabels: app.kubernetes.io/name: wildduck app.kubernetes.io/component: wildduck template: metadata: labels: app.kubernetes.io/name: wildduck app.kubernetes.io/component: wildduck spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: app.kubernetes.io/name operator: In values: - wildduck - key: app.kubernetes.io/component operator: In values: - wildduck topologyKey: topology.kubernetes.io/zone containers: - name: wildduck image: mirror.gcr.io/nodemailer/wildduck:latest@sha256:4a0b80e1751bfbb7e9b715482dded6adedbdb74b4206a37f337ce48496c9cb5d ports: - containerPort: 8080 name: wildduck-api - containerPort: 9993 name: wildduck-mda securityContext: readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 resources: limits: cpu: 500m memory: 200Mi requests: cpu: 10m memory: 100Mi env: - name: APPCONF_emailDomain value: k-space.ee - name: APPCONF_log_level value: info - name: APPCONF_maxForwards value: "2000" - name: APPCONF_hostname value: mail.k-space.ee - name: APPCONF_tls_key value: /cert/tls.key - name: APPCONF_tls_cert value: /cert/tls.crt - name: APPCONF_api_host value: "0.0.0.0" - name: APPCONF_api_accessToken valueFrom: secretKeyRef: name: wildduck key: WILDDUCK_API_TOKEN - name: APPCONF_dbs_sender value: wildduck - name: APPCONF_dbs_mongo valueFrom: secretKeyRef: name: wildduck-mongodb key: MONGO_URI - name: APPCONF_dbs_redis valueFrom: secretKeyRef: name: session-storage key: REDIS_WILDDUCK_URI volumeMounts: - mountPath: /cert name: cert volumes: - name: cert secret: secretName: wildduck-tls