simon/kube
1
0
Fork 0
forked from k-space/kube
Code Pull Requests Activity

wildduck: Cleanups

Browse Source
This commit is contained in:
Lauri Võsandi
2024-08-15 09:37:24 +03:00
parent bbf421df63
commit b3f1eb069f
8 changed files with 75 additions and 130 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
wildduck/clamav.yaml
View File

@@ -19,8 +19,8 @@ spec:
image: mirror.gcr.io/clamav/clamav:1.1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 3310
name: api
- containerPort: 3310
name: api
volumeMounts:
- mountPath: /var/lib/clamav
name: avdata
@@ -41,5 +41,5 @@ spec:
selector:
app.kubernetes.io/name: clamav
ports:
- port: 3310
name: clamav
- port: 3310
name: clamav

20
wildduck/dns.yaml
View File

@@ -5,13 +5,13 @@ metadata:
name: wildduck-mx
spec:
endpoints:
- dnsName: k-space.ee
recordTTL: 300
recordType: MX
targets:
- "10 mail.k-space.ee"
- dnsName: k-space.ee
recordTTL: 300
recordType: TXT
targets:
- "v=spf1 mx include:servers.mcsv.net -all"
- dnsName: k-space.ee
recordTTL: 300
recordType: MX
targets:
- "10 mail.k-space.ee"
- dnsName: k-space.ee
recordTTL: 300
recordType: TXT
targets:
- "v=spf1 mx include:servers.mcsv.net -all"

18
wildduck/loadbalancer.yaml
View File

@@ -13,12 +13,12 @@ spec:
selector:
app.kubernetes.io/name: wildduck
ports:
- port: 993
name: wildduck-mda
targetPort: wildduck-mda
- port: 465
name: zonemta-msa
targetPort: zonemta-msa
- port: 25
name: haraka-mta
targetPort: haraka-mta
- port: 993
name: wildduck-mda
targetPort: wildduck-mda
- port: 465
name: zonemta-msa
targetPort: zonemta-msa
- port: 25
name: haraka-mta
targetPort: haraka-mta

4
wildduck/rspamd.yaml
View File

@@ -75,5 +75,5 @@ spec:
selector:
app.kubernetes.io/name: rspamd
ports:
- port: 11333
name: rspamd
- port: 11333
name: rspamd

28
wildduck/sessions.yaml Normal file
View File

@@ -0,0 +1,28 @@
---
apiVersion: codemowers.cloud/v1beta1
kind: SecretClaim
metadata:
name: dragonfly-auth
spec:
size: 32
mapping:
- key: password
value: "%(plaintext)s"
- key: REDIS_WILDDUCK_URI
value: "redis://:%(plaintext)s@dragonfly/1"
- key: REDIS_WILDFLOCK_URI
value: "redis://:%(plaintext)s@dragonfly/2"
---
apiVersion: dragonflydb.io/v1alpha1
kind: Dragonfly
metadata:
name: dragonfly
spec:
authentication:
passwordFromSecret:
key: password
name: dragonfly-auth
replicas: 3
resources:
limits:
memory: 1Gi

61
wildduck/webmail.yaml
View File

@@ -1,13 +1,3 @@
# ---
# Commented out by argocd config drift
#
# apiVersion: codemowers.cloud/v1beta1
# kind: RedisClaim
# metadata:
# name: webmail
# spec:
# class: ephemeral
# capacity: 100Mi
---
apiVersion: codemowers.cloud/v1beta1
kind: OIDCMiddlewareClient
@@ -116,9 +106,9 @@ spec:
selector:
app.kubernetes.io/name: webmail
ports:
- protocol: TCP
port: 80
targetPort: 3000
- protocol: TCP
port: 80
targetPort: 3000
---
apiVersion: networking.k8s.io/v1
kind: Ingress
@@ -133,19 +123,19 @@ metadata:
external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
spec:
rules:
- host: webmail.k-space.ee
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: webmail
port:
number: 80
- host: webmail.k-space.ee
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: webmail
port:
number: 80
tls:
- hosts:
- "*.k-space.ee"
- hosts:
- "*.k-space.ee"
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
@@ -156,24 +146,3 @@ spec:
regex: ^https://webmail.k-space.ee/$
replacement: https://webmail.k-space.ee/webmail/
permanent: false
# ---
# apiVersion: networking.k8s.io/v1
# kind: NetworkPolicy
# metadata:
# name: webmail
# spec:
# podSelector:
# matchLabels:
# app.kubernetes.io/name: webmail
# policyTypes:
# - Ingress
# ingress:
# - ports:
# - port: 3000
# from:
# - namespaceSelector:
# matchLabels:
# kubernetes.io/metadata.name: traefik
# podSelector:
# matchLabels:
# app.kubernetes.io/name: traefik

28
wildduck/wildduck.yaml
View File

@@ -1,30 +1,4 @@
---
apiVersion: codemowers.cloud/v1beta1
kind: SecretClaim
metadata:
name: dragonfly-auth
spec:
size: 32
mapping:
- key: password
value: "%(plaintext)s"
- key: REDIS_URI
value: "redis://:%(plaintext)s@dragonfly"
---
apiVersion: dragonflydb.io/v1alpha1
kind: Dragonfly
metadata:
name: dragonfly
spec:
authentication:
passwordFromSecret:
key: password
name: dragonfly-auth
replicas: 3
resources:
limits:
memory: 5Gi
---
apiVersion: v1
kind: Service
metadata:
@@ -119,7 +93,7 @@ spec:
valueFrom:
secretKeyRef:
name: dragonfly-auth
key: REDIS_URI
key: REDIS_WILDDUCK_URI
volumeMounts:
- mountPath: /cert
name: cert

38
wildduck/wildflock.yaml
View File

@@ -96,8 +96,8 @@ spec:
- name: REDIS_URL
valueFrom:
secretKeyRef:
name: dragonfly-wildflock-auth
key: REDIS_URI
name: dragonfly-auth
key: REDIS_WILDFLOCK_URI
- name: CLIENT_URL
value: https://wildflock.k-space.ee
- name: WILDDUCK_DOMAIN
@@ -120,48 +120,22 @@ spec:
valueFrom:
secretKeyRef:
key: OIDC_IDP_URI
name: oidc-client-wildflock-owner-secrets
name: oidc-client-wildflock-owner-secrets
- name: OIDC_GATEWAY_AUTH_URI
valueFrom:
secretKeyRef:
key: OIDC_IDP_AUTH_URI
name: oidc-client-wildflock-owner-secrets
name: oidc-client-wildflock-owner-secrets
- name: OIDC_GATEWAY_TOKEN_URI
valueFrom:
secretKeyRef:
key: OIDC_IDP_TOKEN_URI
name: oidc-client-wildflock-owner-secrets
name: oidc-client-wildflock-owner-secrets
- name: OIDC_GATEWAY_USERINFO_URI
valueFrom:
secretKeyRef:
key: OIDC_IDP_USERINFO_URI
name: oidc-client-wildflock-owner-secrets
name: oidc-client-wildflock-owner-secrets
envFrom:
- secretRef:
name: oidc-client-wildflock-owner-secrets
---
apiVersion: codemowers.cloud/v1beta1
kind: SecretClaim
metadata:
name: dragonfly-wildflock-auth
spec:
size: 32
mapping:
- key: password
value: "%(plaintext)s"
- key: REDIS_URI
value: "redis://:%(plaintext)s@dragonfly-wildflock"
---
apiVersion: dragonflydb.io/v1alpha1
kind: Dragonfly
metadata:
name: dragonfly-wildflock
spec:
authentication:
passwordFromSecret:
key: password
name: dragonfly-wildflock-auth
replicas: 3
resources:
limits:
memory: 5Gi