kube/wildduck/zonemta.yaml

108 lines
2.7 KiB
YAML

---
apiVersion: v1
kind: ConfigMap
metadata:
name: zonemta
namespace: wildduck
data:
pools.toml: |-
[[default]]
address="0.0.0.0"
name="mail.k-space.ee"
plugin-wildduck.toml: |-
[wildduck]
enabled=["receiver", "sender"]
interfaces=["feeder"]
hostname="mail.k-space.ee"
authlogExpireDays=30
[wildduck.srs]
enabled=false
# SRS secret value. Must be the same as in the MX side
secret="................................"
rewriteDomain="k-space.ee"
zonemta.toml: |-
[log]
level="info"
[smtpInterfaces]
key="/cert/tls.key"
cert="/cert/tls.crt"
port=9465
host="0.0.0.0"
secure=true
[plugins]
# @include "plugin-wildduck.toml"
[pools]
# @include "pools.toml"
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: zonemta
spec:
replicas: 2
selector:
matchLabels:
app.kubernetes.io/name: wildduck
app.kubernetes.io/component: zonemta
template:
metadata:
labels:
app.kubernetes.io/name: wildduck
app.kubernetes.io/component: zonemta
spec:
containers:
- name: wildduck
image: docker.io/codemowers/wildduck-zonemta-outbound:latest@sha256:a35453409c29882bacb4a758909a38ed62daa875ad72cf706996bb144703ef49
imagePullPolicy: IfNotPresent
command:
- /sbin/tini
- --
- node
- index.js
- --config
- /etc/zonemta/zonemta.toml
ports:
- containerPort: 9465
name: zonemta-msa
- containerPort: 10280
name: api
securityContext:
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
resources:
limits:
cpu: 500m
memory: 1000Mi
requests:
cpu: 10m
memory: 500Mi
env:
- name: APPCONF_dbs_sender
value: zone-mta
- name: APPCONF_dbs_mongo
valueFrom:
secretKeyRef:
name: wildduck
key: MONGO_URI
- name: APPCONF_dbs_redis
valueFrom:
secretKeyRef:
name: redis-wildduck-owner-secrets
key: REDIS_MASTER_0_URI
volumeMounts:
- name: cert
mountPath: /cert
- name: zonemta-config
mountPath: /etc/zonemta
readOnly: true
volumes:
- name: zonemta-config
projected:
sources:
- configMap:
name: zonemta
- name: cert
secret:
secretName: wildduck-tls