dvirlabs/mail-services
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add mail-services

Browse Source
This commit is contained in:
dvirlabs 2025-05-11 00:34:55 +03:00
commit a76f89095c
62 changed files with 8772 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
README.md Normal file
View File

21
argocd-apps/mailu.yaml Normal file
View File

@ -0,0 +1,21 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: mailu
namespace: argocd
spec:
project: mail-services
source:
repoURL: 'https://git.dvirlabs.com/dvirlabs/mail-services.git'
targetRevision: HEAD
path: charts/mailu
helm:
valueFiles:
- ../../manifests/mailu/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: mail-services
syncPolicy:
automated:
prune: true
selfHeal: true

363
charts/mailu/CHANGELOG.md Normal file
View File

@ -0,0 +1,363 @@
# Changelog
## [2.1.2](https://github.com/Mailu/helm-charts/compare/mailu-2.1.1...mailu-2.1.2) (2024-12-22)
### Bug Fixes
* Allow setting custom NodePorts for externalService ([#383](https://github.com/Mailu/helm-charts/issues/383)) ([0b1a9cd](https://github.com/Mailu/helm-charts/commit/0b1a9cda3448f2735460f2aa1c79b50a8f6d38c0))
* Fix issue with redis subpath needing to be relative ([#376](https://github.com/Mailu/helm-charts/issues/376)) ([0fd99a6](https://github.com/Mailu/helm-charts/commit/0fd99a668bcb32f710bdbce729f38074895d8273))
## [2.1.1](https://github.com/Mailu/helm-charts/compare/mailu-2.1.0...mailu-2.1.1) (2024-08-20)
### Bug Fixes
* bump mailu to 2024.06.6 ([#359](https://github.com/Mailu/helm-charts/issues/359)) ([cfc2b7b](https://github.com/Mailu/helm-charts/commit/cfc2b7bf2425ac6e05574da48ee13b29b0307d32))
* bump mailu version to 2024.06.10 ([#365](https://github.com/Mailu/helm-charts/issues/365)) ([b10d394](https://github.com/Mailu/helm-charts/commit/b10d39463d033c47c82d8b3d1c53acac94c2d926))
## [2.1.0](https://github.com/Mailu/helm-charts/compare/mailu-2.0.0...mailu-2.1.0) (2024-07-28)
### Features
* added Tika support ([#356](https://github.com/Mailu/helm-charts/issues/356)) ([34ef061](https://github.com/Mailu/helm-charts/commit/34ef061e9f2c3a906dc198b9fe430361f3a3554f))
* enable API support ([#358](https://github.com/Mailu/helm-charts/issues/358)) ([0d313fa](https://github.com/Mailu/helm-charts/commit/0d313fa5f307f076d3389075d3dac189383895ad))
* several fixes for Mailu 2024.06 support ([#354](https://github.com/Mailu/helm-charts/issues/354)) ([3fa16db](https://github.com/Mailu/helm-charts/commit/3fa16db195f3361388c4b9cee329c0e67970dc9a))
## [2.0.0](https://github.com/Mailu/helm-charts/compare/mailu-1.5.0...mailu-2.0.0) (2024-06-24)
### ⚠ BREAKING CHANGES
* replace mailu clamav container with official container ([#350](https://github.com/Mailu/helm-charts/issues/350))
### Features
* add extraContainers to helm chart in order to allow users to inject sidecar-containers to each component ([#344](https://github.com/Mailu/helm-charts/issues/344)) ([369a6cd](https://github.com/Mailu/helm-charts/commit/369a6cd3c17c9734d44e74857f96a77700228a40))
* add the possibility to disable RSPAMD ([#337](https://github.com/Mailu/helm-charts/issues/337)) ([bb5a3ab](https://github.com/Mailu/helm-charts/commit/bb5a3ab6cb919f6334973430ad1175775f8ac829))
* bump mailu version to 2024.06.3 ([#351](https://github.com/Mailu/helm-charts/issues/351)) ([d35ecce](https://github.com/Mailu/helm-charts/commit/d35ecce77e4c31d379fc9632e57d3db73b53eeb8))
* replace mailu clamav container with official container ([#350](https://github.com/Mailu/helm-charts/issues/350)) ([b45bd55](https://github.com/Mailu/helm-charts/commit/b45bd55fe61013a14ff2576eda86ff956bf1055c))
### Bug Fixes
* remove duplicate 'get secrets' in notes ([#345](https://github.com/Mailu/helm-charts/issues/345)) ([1d3cec3](https://github.com/Mailu/helm-charts/commit/1d3cec3f72f372dd0e1116c54ab64557fcfb9f7e))
## [1.5.0](https://github.com/Mailu/helm-charts/compare/mailu-1.4.0...mailu-1.5.0) (2023-10-24)
### Features
* add MAILU_HELM_CHART environment variable ([#312](https://github.com/Mailu/helm-charts/issues/312)) ([e26ffd7](https://github.com/Mailu/helm-charts/commit/e26ffd7c70a8788db93cb48cbf48d51a33a8eb8a))
* bump mailu version to 2.0.30 ([#314](https://github.com/Mailu/helm-charts/issues/314)) ([4884ca4](https://github.com/Mailu/helm-charts/commit/4884ca4d0e030038f262d569b15bca550b404539))
## [1.4.0](https://github.com/Mailu/helm-charts/compare/mailu-1.3.0...mailu-1.4.0) (2023-08-29)
### Features
* bump mailu version to 2.0.22 ([#296](https://github.com/Mailu/helm-charts/issues/296)) ([17d3b94](https://github.com/Mailu/helm-charts/commit/17d3b94558f795e0f7f43804f51e23285f8c8075))
## [1.3.0](https://github.com/Mailu/helm-charts/compare/mailu-1.2.0...mailu-1.3.0) (2023-08-24)
### Features
* add securityContext and podSecurityContext options ([#263](https://github.com/Mailu/helm-charts/issues/263)) ([6f9e25b](https://github.com/Mailu/helm-charts/commit/6f9e25bba7c7f69e84af6f6cd13fb7648bb5fe0c))
* dynamic shields ([0651568](https://github.com/Mailu/helm-charts/commit/065156800f661c522a7d89a2c77b107a5f859356))
* upgrade mailu version to 2.0.20 ([#294](https://github.com/Mailu/helm-charts/issues/294)) ([d7fc85c](https://github.com/Mailu/helm-charts/commit/d7fc85cbc4b68a496a7f9ddc2fdc50d85fac4206))
### Bug Fixes
* fix postgresql initdb script ([#258](https://github.com/Mailu/helm-charts/issues/258)) ([04b803a](https://github.com/Mailu/helm-charts/commit/04b803a83e89f17a7fc247ebec0b4cd06fbbc73a))
* fixed probes ([#289](https://github.com/Mailu/helm-charts/issues/289)) ([76c333c](https://github.com/Mailu/helm-charts/commit/76c333c7682536141262255754b74f1065609f17))
* only include roudcube secrets if webmail.enabled is set to true ([#272](https://github.com/Mailu/helm-charts/issues/272)) ([5e652c0](https://github.com/Mailu/helm-charts/commit/5e652c0b2b5db10032320e7b9e805c711cc6853f))
* readinessProbe.enabled has no effect ([b33d602](https://github.com/Mailu/helm-charts/commit/b33d60238aaf83fe322c1d100e3b9d4b2cae6ecd))
* set default permanentSessionLifetime to 30 days instead of 30 hours ([180109f](https://github.com/Mailu/helm-charts/commit/180109f96ff3f9bea39890998a65ab501690cba8))
## [1.2.0](https://github.com/Mailu/helm-charts/compare/mailu-1.1.1...mailu-1.2.0) (2023-05-01)
### Features
* Add proxyAuth section to values to configure PROXY_AUTH_* env vars ([04825ef](https://github.com/Mailu/helm-charts/commit/04825ef1457ae34e2b0471fefd04397df4ba4a01))
### Bug Fixes
* bumped Mailu version to 2.0.10 ([f70466c](https://github.com/Mailu/helm-charts/commit/f70466cde9d11891593d0ecb25b5b1d3bf69a11d))
* fixed dovecot probes ([b1b0405](https://github.com/Mailu/helm-charts/commit/b1b0405681350a85464cf3d69c3bc28355f7d8c5))
* fixed readme and generator ([98c21c7](https://github.com/Mailu/helm-charts/commit/98c21c79a68d0aef21c2022d2eb562e232456086))
## [1.1.1](https://github.com/Mailu/helm-charts/compare/mailu-1.1.0...mailu-1.1.1) (2023-04-19)
### Bug Fixes
* [BUG] Helm error when deploying with webdav.enabled=true because of missing template [#232](https://github.com/Mailu/helm-charts/issues/232) ([91cd49e](https://github.com/Mailu/helm-charts/commit/91cd49e57166f1d64f2e667b96efe5ba1f01d7c1))
* [BUG] postfix-overrides ConfigMap will never render [#234](https://github.com/Mailu/helm-charts/issues/234) ([bc73acc](https://github.com/Mailu/helm-charts/commit/bc73acca4f24d162716c73fad6833ffb7dbf9f02))
* fixed encoding of relayuser and relaypassword ([0209240](https://github.com/Mailu/helm-charts/commit/02092404f1d060699fff81554b54872bcfbb6479))
* fixed typo in fetchmail deployment ([baca17a](https://github.com/Mailu/helm-charts/commit/baca17a2c12019a8504f3a72b17809690c2d79fc))
* fixed typo when external service set to NodePort ([741a90d](https://github.com/Mailu/helm-charts/commit/741a90daf10d45f181e253f06c863919b00e9dc3))
## [1.1.0](https://github.com/Mailu/helm-charts/compare/mailu-1.0.1...mailu-1.1.0) (2023-04-13)
### Features
* Add support for TLS settings ([07fad3a](https://github.com/Mailu/helm-charts/commit/07fad3a81bb823ca979afdc1dca0d4944d4e7775))
* Added oletools component ([0a4f95f](https://github.com/Mailu/helm-charts/commit/0a4f95f3d0d42a5a42b9d3db612ff6afb2a62628))
* Added support for WILDCARD_SENDERS ([f72db8d](https://github.com/Mailu/helm-charts/commit/f72db8d78dd0de4d77ad8085dfafe5de0f38cab8))
### Bug Fixes
* Fixed sieve support ([91792ff](https://github.com/Mailu/helm-charts/commit/91792ffbc0811d1c0252603c53c17d1e25d646a6))
* Restrict web ports to ingress-nginx when network policies are enabled ([e21cc8b](https://github.com/Mailu/helm-charts/commit/e21cc8bcdecfcba509bfaea01609858393a2730e))
## [1.0.1](https://github.com/Mailu/helm-charts/compare/mailu-1.0.0...mailu-1.0.1) (2023-04-13)
### Bug Fixes
* Fixed Dovecot probes ([41f3497](https://github.com/Mailu/helm-charts/commit/41f349766e5c7a4084befd0b2b62a6c3081f5e6b))
## [1.0.0](https://github.com/Mailu/helm-charts/compare/mailu-1.0.0-beta.32...mailu-1.0.0) (2023-04-12)
### Miscellaneous Chores
* Release 1.0.0 ([db41cf5](https://github.com/Mailu/helm-charts/commit/db41cf50d6567177aa13e2ff43320c8df733e8e0))
## [1.0.0-beta.32](https://github.com/Mailu/helm-charts/compare/mailu-1.0.0-beta.31...mailu-1.0.0-beta.32) (2023-04-12)
### Miscellaneous Chores
* release 1.0.0-beta.32 ([b31d9f4](https://github.com/Mailu/helm-charts/commit/b31d9f4bbdd8d7ff161e3fadd689798e91437fd7))
## [1.0.0-beta.31](https://github.com/fastlorenzo/helm-charts-1/compare/mailu-1.0.0-beta.30...mailu-1.0.0-beta.31) (2023-04-07)
### Bug Fixes
* cleaned env vars for addresses ([11eeea0](https://github.com/fastlorenzo/helm-charts-1/commit/11eeea0738cd56ef881acfa1f0dfe850733ebce3))
* cleaned env vars for addresses ([#65](https://github.com/fastlorenzo/helm-charts-1/issues/65)) ([1768f6a](https://github.com/fastlorenzo/helm-charts-1/commit/1768f6abf94a61e7379202f4815f8c775cf1774d))
* Fixed env var for antispam ([c180724](https://github.com/fastlorenzo/helm-charts-1/commit/c18072403f204c68aa2766c29f44255f0aa310a3))
* Fixed env var for antispam ([#63](https://github.com/fastlorenzo/helm-charts-1/issues/63)) ([00e62e6](https://github.com/fastlorenzo/helm-charts-1/commit/00e62e65011ffe748061fcc1ef126cc9d88678e9))
### Miscellaneous Chores
* release 1.0.0-beta.31 ([87fa8e8](https://github.com/fastlorenzo/helm-charts-1/commit/87fa8e8b96fca5cbaf0cef08d094ba3f51dd4233))
## [1.0.0-beta.30](https://github.com/fastlorenzo/helm-charts-1/compare/mailu-1.0.0-beta.29...mailu-1.0.0-beta.30) (2023-04-07)
### Miscellaneous Chores
* release 1.0.0-beta.30 ([0e7c8af](https://github.com/fastlorenzo/helm-charts-1/commit/0e7c8af3d49fdd874a31d82a19db910197ed77ad))
## [1.0.0-beta.29](https://github.com/fastlorenzo/helm-charts-1/compare/mailu-1.0.0-beta.28...mailu-1.0.0-beta.29) (2023-03-17)
### Bug Fixes
* add missing container registry for admin ([1cb6a88](https://github.com/fastlorenzo/helm-charts-1/commit/1cb6a887518e115761ea0260b675969e60ea3ba1))
* Add missing container registry for admin ([a051d71](https://github.com/fastlorenzo/helm-charts-1/commit/a051d7196ee3cebbf7175395eb65374cea877cb0))
* Add missing container registry for admin ([a051d71](https://github.com/fastlorenzo/helm-charts-1/commit/a051d7196ee3cebbf7175395eb65374cea877cb0))
### Miscellaneous Chores
* release 1.0.0-beta.29 ([4892a2a](https://github.com/fastlorenzo/helm-charts-1/commit/4892a2a5757697d5ffc47bd2e6590f65fdad4898))
## [1.0.0-beta.28](https://github.com/fastlorenzo/helm-charts-1/compare/mailu-1.0.0-beta.27...mailu-1.0.0-beta.28) (2023-03-17)
### Bug Fixes
* migrate container registry to ghcr.io ([77ad28a](https://github.com/fastlorenzo/helm-charts-1/commit/77ad28a41c9e956fd538f949bab0d36dcd1d9237))
* Unset default value for realIpFrom ([#53](https://github.com/fastlorenzo/helm-charts-1/issues/53)) ([1d1aa9a](https://github.com/fastlorenzo/helm-charts-1/commit/1d1aa9ac6a2ffbd3729cca8d44e431554b468f57))
* Updated documentation ([#55](https://github.com/fastlorenzo/helm-charts-1/issues/55)) ([7c52126](https://github.com/fastlorenzo/helm-charts-1/commit/7c521269611c22bad2070b67544e2a6bc162b647))
### Miscellaneous Chores
* release 1.0.0-beta.28 ([dff244e](https://github.com/fastlorenzo/helm-charts-1/commit/dff244e2cd61a01fa1de4b11d101f7c3db67b4b9))
## [1.0.0-beta.27](https://github.com/fastlorenzo/helm-charts-1/compare/mailu-1.0.0-beta.26...mailu-1.0.0-beta.27) (2022-12-14)
### Features
* Refactor env vars ([#50](https://github.com/fastlorenzo/helm-charts-1/issues/50)) ([07feb7a](https://github.com/fastlorenzo/helm-charts-1/commit/07feb7a2c07e3127bac8f90fe5a283adb35817bb))
### Miscellaneous Chores
* release 1.0.0-beta.27 ([607c463](https://github.com/fastlorenzo/helm-charts-1/commit/607c463f0a01b865bc8189d7ad6360e71c99e2cb))
## [1.0.0-beta.26](https://github.com/fastlorenzo/helm-charts-1/compare/mailu-1.0.0-beta.25...mailu-1.0.0-beta.26) (2022-12-11)
### Bug Fixes
* Added extra volumes for all pods ([#48](https://github.com/fastlorenzo/helm-charts-1/issues/48)) ([a466bb0](https://github.com/fastlorenzo/helm-charts-1/commit/a466bb005d6e3ce054edc0ea4b976b0dd89297bf))
### Miscellaneous Chores
* release 1.0.0-beta.26 ([50b5a28](https://github.com/fastlorenzo/helm-charts-1/commit/50b5a287b581f7ac7fa91c988b947fbbe2358856))
## [1.0.0-beta.25](https://github.com/fastlorenzo/helm-charts-1/compare/mailu-1.0.0-beta.24...mailu-1.0.0-beta.25) (2022-12-08)
### Features
* add support for network policy ([8fd3c6c](https://github.com/fastlorenzo/helm-charts-1/commit/8fd3c6c527a692983e54c82511c6e77fc9150df4))
* add support for network policy ([7e42d15](https://github.com/fastlorenzo/helm-charts-1/commit/7e42d15df88d43213e672235e366edbfb53532c6))
* add support for network policy ([#46](https://github.com/fastlorenzo/helm-charts-1/issues/46)) ([e42623b](https://github.com/fastlorenzo/helm-charts-1/commit/e42623b11b3bdde6c7c3678d5a1450e0af18e76d))
### Bug Fixes
* add compatibility with latest Mailu master branch ([#44](https://github.com/fastlorenzo/helm-charts-1/issues/44)) ([25eb5e5](https://github.com/fastlorenzo/helm-charts-1/commit/25eb5e5130a66457400cdffacffde93649af6e63))
* fixed compatibility with Mailu master ([1a66cb5](https://github.com/fastlorenzo/helm-charts-1/commit/1a66cb545a5c47359069e1e6cf78a0556567b877))
### Miscellaneous Chores
* release 1.0.0-beta.25 ([cd96738](https://github.com/fastlorenzo/helm-charts-1/commit/cd96738b188af220758f3fa436dd8ae32a3e6655))
* release 1.0.0-beta.25 ([6129948](https://github.com/fastlorenzo/helm-charts-1/commit/61299485da7eac6456248baa24400c3e35ead737))
## [1.0.0-beta.24](https://github.com/fastlorenzo/helm-charts-1/compare/mailu-1.0.0-beta.23...mailu-1.0.0-beta.24) (2022-11-22)
### Features
* Add Rspamd overrides [#38](https://github.com/fastlorenzo/helm-charts-1/issues/38) ([7c25309](https://github.com/fastlorenzo/helm-charts-1/commit/7c25309841252793199b650ce00cda1287daa755))
### Bug Fixes
* Fix postfix override settings ([6852d19](https://github.com/fastlorenzo/helm-charts-1/commit/6852d1924178260703f0b780358b24abf7bf1bf4))
* Fixed usage of existingSecret for TLS (fixes [#37](https://github.com/fastlorenzo/helm-charts-1/issues/37)) ([cbb84c7](https://github.com/fastlorenzo/helm-charts-1/commit/cbb84c78d99edb61102b21a0822f236f5f7f6b36))
### Miscellaneous Chores
* release 1.0.0-beta.24 ([b54e6e8](https://github.com/fastlorenzo/helm-charts-1/commit/b54e6e8b31d858134255d74526791c09a4e26fb5))
## [1.0.0-beta.23](https://github.com/fastlorenzo/helm-charts-1/compare/mailu-1.0.0-beta.22...mailu-1.0.0-beta.23) (2022-11-18)
### Bug Fixes
* fixed missing check when using existing claim ([#34](https://github.com/fastlorenzo/helm-charts-1/issues/34)) ([8f36df0](https://github.com/fastlorenzo/helm-charts-1/commit/8f36df0ff0a7cbec6be444e58c21421009acfd4e))
### Miscellaneous Chores
* release 1.0.0-beta.23 ([a6a86e1](https://github.com/fastlorenzo/helm-charts-1/commit/a6a86e1d7bf729c6e4e92676f6369b2922b87fd0))
## [1.0.0-beta.22](https://github.com/fastlorenzo/helm-charts-1/compare/mailu-1.0.0-beta.21...mailu-1.0.0-beta.22) (2022-11-09)
### Miscellaneous Chores
* release 1.0.0-beta.22 ([9e996a2](https://github.com/fastlorenzo/helm-charts-1/commit/9e996a20f654a90c6d65a30f8b86e2044b5c92e4))
## [1.0.0-beta.21](https://github.com/fastlorenzo/helm-charts-1/compare/mailu-1.0.0-beta.20...mailu-1.0.0-beta.21) (2022-11-09)
### Bug Fixes
* Fixed typo in nodePort param ([cd29882](https://github.com/fastlorenzo/helm-charts-1/commit/cd298824d73079b0dae7deecf265b0fa4780c8e5))
* Fixed typo in nodePort param ([#29](https://github.com/fastlorenzo/helm-charts-1/issues/29)) ([bc159d0](https://github.com/fastlorenzo/helm-charts-1/commit/bc159d029d211d62a5730a7dbb4b179091824743))
### Miscellaneous Chores
* release 1.0.0-beta.21 ([87b2041](https://github.com/fastlorenzo/helm-charts-1/commit/87b2041bbba6e124119c196cca24d9b83f8bd805))
## [1.0.0-beta.20](https://github.com/fastlorenzo/helm-charts-1/compare/mailu-1.0.0-beta.19...mailu-1.0.0-beta.20) (2022-11-09)
### Bug Fixes
* fixed typo in external service ([0ec88b1](https://github.com/fastlorenzo/helm-charts-1/commit/0ec88b18a6cdbce99d37e065cd7bd472a82013f9))
* fixed typo in external service ([#27](https://github.com/fastlorenzo/helm-charts-1/issues/27)) ([a2efb99](https://github.com/fastlorenzo/helm-charts-1/commit/a2efb9955838ea4f1399238e5dabfe3956c79700))
### Miscellaneous Chores
* release 1.0.0-beta.20 ([69697aa](https://github.com/fastlorenzo/helm-charts-1/commit/69697aaa79c4a8b9662a71d7d5ed29060fafdf2a))
## [1.0.0-beta.19](https://github.com/fastlorenzo/helm-charts-1/compare/mailu-1.0.0-beta.18...mailu-1.0.0-beta.19) (2022-11-09)
### Features
* Added support for NodePort for front External Service ([551c9ae](https://github.com/fastlorenzo/helm-charts-1/commit/551c9ae0d791acb67f6a31af7d9d409fe2c07cf6))
* Added support for NodePort for front External Service ([#25](https://github.com/fastlorenzo/helm-charts-1/issues/25)) ([b9a1b84](https://github.com/fastlorenzo/helm-charts-1/commit/b9a1b8446a1452d3c54d4ecf828d8fa7adf1f851))
### Miscellaneous Chores
* release 1.0.0-beta.19 ([f3d223c](https://github.com/fastlorenzo/helm-charts-1/commit/f3d223c565eff6aa7ec0821ce38e3f2c536f75eb))
## [1.0.0-beta.18](https://github.com/fastlorenzo/helm-charts-1/compare/mailu-1.0.0-beta.17...mailu-1.0.0-beta.18) (2022-11-08)
### Features
* added support for redis external database ([88c1b0d](https://github.com/fastlorenzo/helm-charts-1/commit/88c1b0da26a94de6b31a98fad707d897c5f095cb))
* added support for redis external database ([#23](https://github.com/fastlorenzo/helm-charts-1/issues/23)) ([7096a13](https://github.com/fastlorenzo/helm-charts-1/commit/7096a134f4f4008436075811807808a4b74dd2ce))
### Bug Fixes
* updated helm dependency ([c776220](https://github.com/fastlorenzo/helm-charts-1/commit/c77622074e7314301d58a02efa00c5d3928772c5))
### Miscellaneous Chores
* release 1.0.0-beta.18 ([9065a20](https://github.com/fastlorenzo/helm-charts-1/commit/9065a202fe89ea2ac35f07291a973301c4b35f63))
## [1.0.0-beta.17](https://github.com/fastlorenzo/helm-charts-1/compare/mailu-1.0.0-beta.16...mailu-1.0.0-beta.17) (2022-11-08)
### Miscellaneous Chores
* release 1.0.0-beta.17 ([14c48ee](https://github.com/fastlorenzo/helm-charts-1/commit/14c48ee3ea651d0c7a1fc6896bb5a06408250d55))
## [1.0.0-beta.16](https://github.com/fastlorenzo/helm-charts-1/compare/mailu-1.0.0-beta.15...mailu-1.0.0-beta.16) (2022-11-08)
### Miscellaneous Chores
* release 1.0.0-beta.16 ([3752e90](https://github.com/fastlorenzo/helm-charts-1/commit/3752e90a310cb1ac1c4bbd7007d868e2618ebb2f))
## [1.0.0-beta.15](https://github.com/fastlorenzo/helm-charts-1/compare/mailu-1.0.0-beta.14...mailu-1.0.0-beta.15) (2022-11-08)
### Bug Fixes
* fixed syntax ([fb13f1e](https://github.com/fastlorenzo/helm-charts-1/commit/fb13f1eebf01aa98baf177efa74af6d69df028f1))
### Miscellaneous Chores
* release 1.0.0-beta.15 ([24493f6](https://github.com/fastlorenzo/helm-charts-1/commit/24493f6bea127e2b474b5449a525e375079dc147))
## [1.0.0-beta.14](https://github.com/fastlorenzo/helm-charts-1/compare/mailu-1.0.0-beta.13...mailu-1.0.0-beta.14) (2022-11-08)
### Bug Fixes
* Added keyword for roundcube ([4bf6ba9](https://github.com/fastlorenzo/helm-charts-1/commit/4bf6ba9d8e116d0da959e9df79230454fe3d6e12))
* changed debug mode to WARNING in CI values ([7e84c2a](https://github.com/fastlorenzo/helm-charts-1/commit/7e84c2ac3a72ce84b94ed8addafb9dcce9db02ba))
* force release ([8ed1e96](https://github.com/fastlorenzo/helm-charts-1/commit/8ed1e9638e38f76521473a965b91e1f954400eb4))

15
charts/mailu/Chart.lock Normal file
View File

@ -0,0 +1,15 @@
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
version: 2.8.0
- name: redis
repository: https://charts.bitnami.com/bitnami
version: 17.15.2
- name: postgresql
repository: https://charts.bitnami.com/bitnami
version: 11.9.13
- name: mariadb
repository: https://charts.bitnami.com/bitnami
version: 12.2.9
digest: sha256:418939e4cffeabd09d5a87f643f1fc87b43f23b00a9139d36646fcb11ebf4c17
generated: "2023-08-14T00:40:16.960741779+02:00"

41
charts/mailu/Chart.yaml Normal file
View File

@ -0,0 +1,41 @@
apiVersion: v2
appVersion: 2024.06.10
version: 2.1.2
name: mailu
description: This chart installs the Mailu mail system on kubernetes
home: https://mailu.io
sources:
- https://github.com/Mailu/helm-charts/
icon: https://mailu.io/master/_images/logo.png
keywords:
- mailu
- mail
- email
- smtp
- imap
- pop3
- webmail
- postfix
- dovecot
- roundcube
maintainers:
- name: Mailu
url: https://mailu.io
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
tags:
- bitnami-common
version: 2.8.0
- condition: redis.enabled
name: redis
version: 17.15.*
repository: https://charts.bitnami.com/bitnami
- condition: postgresql.enabled
name: postgresql
version: 11.9.*
repository: https://charts.bitnami.com/bitnami
- condition: mariadb.enabled
name: mariadb
version: 12.2.*
repository: https://charts.bitnami.com/bitnami

64
charts/mailu/MIGRATION_GUIDE.md Normal file
View File

@ -0,0 +1,64 @@
# Migration guide
Version `1.0.0` is a major release of Mailu Helm Chart. It is not compatible with previous versions.
This guide will help you migrate your data from a previous version to `1.0.0`.
**We strongly recommend to backup your data before migrating. We will not be responsible in case of any loss of data.**
## Migration steps
1. Backup your data
2. Create a new `values.yaml` file (we recommend to create a new one from scratch)
3. Uninstall the previous version of the chart
4. Install the new version of the chart
5. Restore your data
In-place upgrade could be possible but is not supported.
If you want to perform an in-place upgrade and you are using the built-in MySQL database, you will need to migrate your data manually and backup your existing data **before** attempting the upgrade.
You will also need to manually delete the existing `Ingress`, as well as all existing `Deployment` resources.
**Running the upgrade will remove the existing MySQL deployment and data!**
## Breaking changes
- The embedded MySQL database has been removed from this chart.
This chart can now deploy MariaDB or Postgresql database using the Bitnami charts.
An external database can also be configured.
- The embedded Redis installation has been removed from this chart.
This chart will now deploy Redis using the Bitnami charts.
- Several configuration keys have been renamed, please see more in the [Values mapping](#values-mapping) section.
## Values mapping
| Old configuration key | New configuration key | Comments |
| --------------------------------------- | ------------------------------------------- | ------------------------------------------------------------------------------------------------------------------- |
| `database.type` | `-` | Removed. Use `postgresql.enabled` or `mariadb.enabled` instead. |
| `database.roundcubeType` | `-` | Removed. Use `postgresql.enabled` or `mariadb.enabled` instead. |
| `database.mysql.roundcubeDatabase` | `global.database.roundcube.database` | |
| `database.mysql.roundcubePassword` | `global.database.roundcube.password` | Ignored if using `global.database.roundcube.existingSecret` |
| `database.mysql.roundcubeUser` | `global.database.roundcube.username` | |
| `database.mysql.rootPassword` | `mariadb.auth.rootPassword` | Check [Bitnami MariaDB](https://artifacthub.io/packages/helm/bitnami/mariadb) for more configuration options. |
| `database.mysql.database` | `mariadb.auth.database` | Check [Bitnami MariaDB](https://artifacthub.io/packages/helm/bitnami/mariadb) for more configuration options. |
| `database.mysql.user` | `mariadb.auth.username` | Check [Bitnami MariaDB](https://artifacthub.io/packages/helm/bitnami/mariadb) for more configuration options. |
| `database.mysql.password` | `mariadb.auth.password` | Check [Bitnami MariaDB](https://artifacthub.io/packages/helm/bitnami/mariadb) for more configuration options. |
| `database.postgresql.roundcubeDatabase` | `global.database.roundcube.database` | |
| `database.postgresql.roundcubePassword` | `global.database.roundcube.password` | Ignored if using `global.database.roundcube.existingSecret` |
| `database.postgresql.roundcubeUser` | `global.database.roundcube.username` | |
| `-` | `postgresql.auth.postgresPassword` | Check [Bitnami Postgresql](https://artifacthub.io/packages/helm/bitnami/postgresql) for more configuration options. |
| `database.postgresql.database` | `postgresql.auth.database` | Check [Bitnami Postgresql](https://artifacthub.io/packages/helm/bitnami/postgresql) for more configuration options. |
| `database.postgresql.user` | `postgresql.auth.username` | Check [Bitnami Postgresql](https://artifacthub.io/packages/helm/bitnami/postgresql) for more configuration options. |
| `database.postgresql.password` | `postgresql.auth.password` | Check [Bitnami Postgresql](https://artifacthub.io/packages/helm/bitnami/postgresql) for more configuration options. |
| `mail.messageSizeLimitInMegabytes` | `limits.messageSizeLimitInMegabytes` | |
| `mail.authRatelimit` | `limits.authRatelimit.ip` | Additional limits available, please see `values.yaml` file for more options. |
| `front.externalService.pop3.pop3` | `front.externalService.services.pop3` | |
| `front.externalService.pop3.pop3s` | `front.externalService.services.pop3s` | |
| `front.externalService.imap.imap` | `front.externalService.services.imap` | |
| `front.externalService.imap.imaps` | `front.externalService.services.imaps` | |
| `front.externalService.smtp.smtp` | `front.externalService.services.smtp` | |
| `front.externalService.smtp.smtps` | `front.externalService.services.smtps` | |
| `front.externalService.smtp.submission` | `front.externalService.services.submission` | |
| `front.controller.kind` | `-` | Removed for now, using `Deployment` kind. To be addressed at a later stage. |
| `certmanager.*` | `-` | Removed. Configure using annotations on `ingress.annotations` to generate a valid certificate instead. |
| `ingress.tlsFlavor` | `ingress.tlsFlavorOverride` | |
| `ingress.externalIngress` | `ingress.enabled` | |
| `roundcube.*` | `webmail.*` | `roundcube` has been renamed to `webmail` |

1246
charts/mailu/README.md Normal file
View File

File diff suppressed because it is too large Load Diff

160
charts/mailu/ci/helm-lint-values.yaml Normal file
View File

@ -0,0 +1,160 @@
hostnames:
- example.com
domain: example.com
initialAccount:
enabled: true
username: mailadmin
domain: example.com
password: chang3m3!
secretKey: chang3m3!
subnet: 192.168.0.0/16
networkPolicy:
enabled: true
persistence:
single_pvc: false
postgresql:
enabled: true
postgresqlUsername: mailu
postgresqlPassword: chang3m3!
postgresqlDatabase: mailu
primary:
persistence:
enabled: true
size: 10Gi
resources:
requests:
memory: 500Mi
cpu: 100m
limits:
memory: 500Mi
cpu: 1
ingress:
enabled: true
selfSigned: true
annotations:
auth.cluster.arpa/enabled: "false"
front:
logLevel: INFO
# image:
# tag: master
resources:
requests:
memory: 100Mi
cpu: 100m
limits:
memory: 200Mi
cpu: 200m
admin:
logLevel: DEBUG
# image:
# tag: master
resources:
requests:
memory: 500Mi
cpu: 100m
limits:
memory: 500Mi
cpu: 1
postfix:
logLevel: INFO
# image:
# tag: master
resources:
requests:
memory: 2Gi
cpu: 100m
limits:
memory: 2Gi
cpu: 1
dovecot:
logLevel: INFO
# image:
# tag: master
resources:
requests:
memory: 500Mi
cpu: 100m
limits:
memory: 500Mi
cpu: 1
rspamd:
logLevel: INFO
# image:
# tag: master
resources:
requests:
memory: 100Mi
cpu: 100m
limits:
memory: 200Mi
cpu: 1
clamav:
logLevel: INFO
# image:
# tag: master
resources:
requests:
memory: 1Gi
cpu: 100m
limits:
memory: 2Gi
cpu: 1
webmail:
logLevel: INFO
# image:
# tag: master
resources:
requests:
memory: 100Mi
cpu: 100m
limits:
memory: 200Mi
cpu: 1
webdav:
logLevel: INFO
image:
tag: master
fetchmail:
logLevel: INFO
# image:
# tag: master
redis:
master:
resources:
requests:
memory: 500Mi
cpu: 100m
limits:
memory: 500Mi
cpu: 1
tika:
enabled: true
languages:
- en
- fr
oletools:
enabled: true
api:
enabled: true
token: chang3m3!

1
charts/mailu/linter_values.yaml Normal file
View File

@ -0,0 +1 @@
ci/helm-lint-values.yaml

38
charts/mailu/templates/NOTES.txt Normal file
View File

@ -0,0 +1,38 @@
CHART NAME: {{ .Chart.Name }}
CHART VERSION: {{ .Chart.Version }}
APP VERSION: {{ .Chart.AppVersion }}
** Please be patient while the chart is being deployed **
After all services are running, your mail system is reachable under
https://{{ .Values.hostnames|first }}
{{- if .Values.initialAccount.enabled }}
You can login to the admin panel using the following initial credentials (if not changed yet):
https://{{ .Values.hostnames|first }}/admin
Username: {{ .Values.initialAccount.username }}@{{ .Values.initialAccount.domain }}
The password can be retrieved in the '{{ include "mailu.initialAccount.secretName" . }}' secret.
To retrieve the password, run:
kubectl --namespace={{ .Release.Namespace }} get secrets {{ include "mailu.initialAccount.secretName" . }} -o jsonpath='{.data.{{ include "mailu.initialAccount.secretKey" . }}}' | base64 --decode
!!! Please change the password after 1st login !!!
{{- else }}
After you created an initial admin login (see docs), you can login to the admin panel at
https://{{ .Values.hostnames|first }}/admin
{{- end }}
!!! Please make sure you read and understand the warning about open relays in the README.md !!!
If you're upgrading from Mailu < 2024.06, please read this: https://mailu.io/2024.06/releases.html#after-upgrading
{{ include "mailu.validateValues" . }}

34
charts/mailu/templates/_claims.tpl Normal file
View File

@ -0,0 +1,34 @@
{{/* Admin pod persistent volume claim name */}}
{{ define "mailu.admin.claimName" }}
{{- .Values.persistence.single_pvc | ternary (include "mailu.claimName" .) .Values.admin.persistence.claimNameOverride | default (printf "%s-admin" (include "mailu.fullname" .)) -}}
{{- end -}}
{{/* Dovecot pod persistent volume claim name */}}
{{ define "mailu.dovecot.claimName" }}
{{- .Values.persistence.single_pvc | ternary (include "mailu.claimName" .) .Values.dovecot.persistence.claimNameOverride | default (printf "%s-dovecot" (include "mailu.fullname" .)) -}}
{{- end -}}
{{/* Postfix pod persistent volume claim name */}}
{{ define "mailu.postfix.claimName" }}
{{- .Values.persistence.single_pvc | ternary (include "mailu.claimName" .) .Values.postfix.persistence.claimNameOverride | default (printf "%s-postfix" (include "mailu.fullname" .)) -}}
{{- end -}}
{{/* Rspamd pod persistent volume claim name */}}
{{ define "mailu.rspamd.claimName" }}
{{- .Values.persistence.single_pvc | ternary (include "mailu.claimName" .) .Values.rspamd.persistence.claimNameOverride | default (printf "%s-rspamd" (include "mailu.fullname" .)) -}}
{{- end -}}
{{/* Roundcube pod persistent volume claim name */}}
{{ define "mailu.webmail.claimName" }}
{{- .Values.persistence.single_pvc | ternary (include "mailu.claimName" .) .Values.webmail.persistence.claimNameOverride | default (printf "%s-webmail" (include "mailu.fullname" .)) -}}
{{- end -}}
{{/* Fetchmail pod persistent volume claim name */}}
{{ define "mailu.fetchmail.claimName" }}
{{- .Values.persistence.single_pvc | ternary (include "mailu.claimName" .) .Values.fetchmail.persistence.claimNameOverride | default (printf "%s-fetchmail" (include "mailu.fullname" .)) -}}
{{- end -}}
{{/* Webdav pod persistent volume claim name */}}
{{ define "mailu.webdav.claimName" }}
{{- .Values.persistence.single_pvc | ternary (include "mailu.claimName" .) .Values.webdav.persistence.claimNameOverride | default (printf "%s-webdav" (include "mailu.fullname" .)) -}}
{{- end -}}

162
charts/mailu/templates/_database.tpl Normal file
View File

@ -0,0 +1,162 @@
{{/* Returns the database type (sqlite/mysql/postgresql) */}}
{{- define "mailu.database.type" -}}
{{- if or .Values.postgresql.enabled (and .Values.externalDatabase.enabled (eq .Values.externalDatabase.type "postgresql")) -}}
{{- print "postgresql" }}
{{- else if or .Values.mariadb.enabled (and .Values.externalDatabase.enabled (eq .Values.externalDatabase.type "mysql")) -}}
{{- print "mysql" }}
{{- else if not .Values.externalDatabase.enabled -}}
{{- print "sqlite" }}
{{- else -}}
{{ fail "Invalid database type. Use correct database type (mysql/postgresql) if using external database." }}
{{- end -}}
{{- end -}}
{{/* Returns the database hostname */}}
{{- define "mailu.database.host" -}}
{{- if .Values.mariadb.enabled -}}
{{- template "mariadb.primary.fullname" .Subcharts.mariadb -}}
{{- else if .Values.postgresql.enabled -}}
{{- template "postgresql.primary.fullname" .Subcharts.postgresql -}}
{{- else if .Values.externalDatabase.enabled -}}
{{- .Values.externalDatabase.host -}}
{{- end -}}
{{- end -}}
{{/* Return the database port */}}
{{- define "mailu.database.port" -}}
{{- if .Values.mariadb.enabled -}}
{{- print "3306" -}}
{{- else if .Values.postgresql.enabled -}}
{{- print "5432" -}}
{{- else -}}
{{- .Values.externalDatabase.port -}}
{{- end -}}
{{- end -}}
{{/* Return the database name for Mailu */}}
{{- define "mailu.database.name" -}}
{{- if .Values.mariadb.enabled -}}
{{- .Values.mariadb.auth.database | quote -}}
{{- else if .Values.postgresql.enabled -}}
{{- if .Values.global.postgresql -}}
{{- if .Values.global.postgresql.auth -}}
{{- coalesce .Values.global.postgresql.auth.database .Values.postgresql.auth.database | quote -}}
{{- else -}}
{{- .Values.postgresql.auth.database | quote -}}
{{- end -}}
{{- else -}}
{{- .Values.postgresql.auth.database | quote -}}
{{- end -}}
{{- else -}}
{{- (include "mailu.database.external.database" .) | quote }}
{{- end -}}
{{- end -}}
{{/* Return the database username for Mailu */}}
{{- define "mailu.database.username" -}}
{{- if .Values.mariadb.enabled -}}
{{- .Values.mariadb.auth.username | quote }}
{{- else if .Values.postgresql.enabled -}}
{{- if .Values.global.postgresql }}
{{- if .Values.global.postgresql.auth }}
{{- coalesce .Values.global.postgresql.auth.username .Values.postgresql.auth.username | quote -}}
{{- else -}}
{{- .Values.postgresql.auth.username | quote -}}
{{- end -}}
{{- else -}}
{{- .Values.postgresql.auth.username | quote -}}
{{- end -}}
{{- else }}
{{- (include "mailu.database.external.username" .) | quote }}
{{- end -}}
{{- end -}}
{{/* Return the name of the secret for the external database */}}
{{- define "mailu.database.external.secretName" -}}
{{ include "common.secrets.name" (dict "existingSecret" .Values.externalDatabase.existingSecret "defaultNameSuffix" "externaldb" "context" .) }}
{{- end -}}
{{/* Return the name of the external database */}}
{{- define "mailu.database.external.database" -}}
{{ (include "common.secrets.lookup" (dict "secret" (include "mailu.database.external.secretName" .) "key" .Values.externalDatabase.existingSecretDatabaseKey "defaultValue" .Values.externalDatabase.database "context" .)) | toString | b64dec }}
{{- end -}}
{{/* Return the username of the external database */}}
{{- define "mailu.database.external.username" -}}
{{ (include "common.secrets.lookup" (dict "secret" (include "mailu.database.external.secretName" .) "key" .Values.externalDatabase.existingSecretUsernameKey "defaultValue" .Values.externalDatabase.username "context" .)) | toString | b64dec }}
{{- end -}}
{{/* Return the password of the external database */}}
{{- define "mailu.database.external.password" -}}
{{ (include "common.secrets.lookup" (dict "secret" (include "mailu.database.external.secretName" .) "key" .Values.externalDatabase.existingSecretPasswordKey "defaultValue" .Values.externalDatabase.password "context" .)) | toString | b64dec }}
{{- end -}}
{{/* Return the name of the mailu database secret with its credentials */}}
{{- define "mailu.database.secretName" -}}
{{- if .Values.mariadb.enabled -}}
{{- template "mariadb.secretName" .Subcharts.mariadb -}}
{{- else if .Values.postgresql.enabled -}}
{{- template "postgresql.secretName" .Subcharts.postgresql -}}
{{- else if ne (include "mailu.database.type" .) "sqlite" -}}
{{- if .Values.externalDatabase.enabled -}}
{{- include "mailu.database.external.secretName" . -}}
{{- end -}}
{{- else -}}
{{- print "" -}}
{{- end -}}
{{- end -}}
{{/* Return the database password key */}}
{{- define "mailu.database.secretKey" -}}
{{- if .Values.mariadb.enabled -}}
{{- print "mariadb-password" -}}
{{- else if .Values.postgresql.enabled -}}
{{- print "password" -}}
{{- else -}}
{{- if .Values.externalDatabase.enabled -}}
{{- .Values.externalDatabase.existingSecretPasswordKey -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/* Return the database name for Roundcube */}}
{{- define "mailu.database.roundcube.name" -}}
{{- .Values.global.database.roundcube.database | quote }}
{{- end -}}
{{/* Return the database username for Roundcube */}}
{{- define "mailu.database.roundcube.username" -}}
{{- .Values.global.database.roundcube.username | quote }}
{{- end -}}
{{/* Return the database password for Roundcube */}}
{{- define "mailu.database.roundcube.password" -}}
{{- include "common.secrets.passwords.manage" (dict "secret" (include "mailu.database.roundcube.secretName" .) "key" (include "mailu.database.roundcube.secretKey" .) "providedValues" (list "global.database.roundcube.password" "database.mysql.roundcubePassword" "database.postgresql.roundcubePassword") "length" 10 "strong" true "context" .) }}
{{- end -}}
{{/* Return the name of the roundcube database secret */}}
{{- define "mailu.database.roundcube.secretName" -}}
{{- if .Values.global.database.roundcube.existingSecret -}}
{{- .Values.global.database.roundcube.existingSecret }}
{{- else -}}
{{- print "mailu-roundcube" }}
{{- end -}}
{{- end -}}
{{- define "mariadb.mailu.database.roundcube.secretName" -}}
{{- include "mailu.database.roundcube.secretName" -}}
{{- end -}}
{{/* Return the roundcube database password key */}}
{{- define "mailu.database.roundcube.secretKey" -}}
{{- if .Values.global.database.roundcube.existingSecret -}}
{{- if .Values.global.database.roundcube.existingSecretPasswordKey -}}
{{- .Values.global.database.roundcube.existingSecretPasswordKey }}
{{- else -}}
{{- print "roundcube-db-password" }}
{{- end -}}
{{- else -}}
{{- print "roundcube-db-password" }}
{{- end -}}
{{- end -}}

210
charts/mailu/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,210 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "mailu.name" -}}
{{- include "common.names.name" . -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "mailu.fullname" -}}
{{- include "common.names.fullname" . -}}
{{- end -}}
{{/*
Create the claimName: existingClaim if provided, otherwise claimNameOverride if provided, otherwise mailu-storage (or other fullname if overriden)
*/}}
{{- define "mailu.claimName" -}}
{{- if .Values.persistence.existingClaim -}}
{{- .Values.persistence.existingClaim -}}
{{- else if .Values.persistence.claimNameOverride -}}
{{- .Values.persistence.claimNameOverride -}}
{{- else -}}
{{ include "mailu.fullname" . }}-storage
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "mailu.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Mailu version. If Values.mailuVersion is not set, using Chart.AppVersion
*/}}
{{- define "mailu.version" -}}
{{- if .Values.mailuVersion -}}
{{- .Values.mailuVersion -}}
{{- else -}}
{{- .Chart.AppVersion -}}
{{- end -}}
{{- end -}}
{{/*
Get the cluster domain name or default to cluster.local
*/}}
{{- define "mailu.clusterDomain" -}}
{{- if .Values.clusterDomain -}}
{{- .Values.clusterDomain -}}
{{- else -}}
{{- print "cluster.local" -}}
{{- end -}}
{{- end -}}
{{/*
Get MailU domain name or throw an error if not set
*/}}
{{- define "mailu.domain" -}}
{{- if .Values.domain -}}
{{- .Values.domain -}}
{{- else -}}
{{- fail "You must set a domain name for Mailu (`domain:`)" -}}
{{- end -}}
{{- end -}}
{{/* Get the MailU TLS Flavor */}}
{{- define "mailu.tlsFlavor" -}}
{{- if .Values.ingress.tlsFlavorOverride -}}
{{- .Values.ingress.tlsFlavorOverride -}}
{{- else -}}
{{- if .Values.ingress.tls -}}
{{- print "cert" -}}
{{- else -}}
{{- print "notls" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Helper function to get the correct admin port.
Change was made in Mailu 2.0.22 and the port was switched from 80 to 8080.
This is for retro-compatibility purposes.
We need to perform some error handling in case the version provided is not a valid semver.
Only "master" is allowed to be used as a version other than the semver notation.
*/}}
{{- define "mailu.admin.port" -}}
{{- $semverRegex := `^v?(?:0|[1-9]\d*)\.(?:0|[1-9]\d*)\.(?:0|[1-9]\d*)(?:-[\da-zA-Z-]+(?:\.[\da-zA-Z-]+)*)?(?:\+[\da-zA-Z-]+(?:\.[\da-zA-Z-]+)*)?$` -}}
{{- $version := (default (include "mailu.version" .) .Values.admin.image.tag) -}}
{{- if mustRegexMatch $semverRegex $version -}}
{{- if semverCompare "<2.0.22" $version -}}
{{- print "80" -}}
{{- else -}}
{{- print "8080" -}}
{{- end -}}
{{- else -}}
{{- print "8080" -}}
{{- end -}}
{{- end -}}
{{/* Check for deprecated values and raise an error if found (upgrade to v1.0.0) */}}
{{- define "mailu.validateValues.deprecated" -}}
{{- $oldValues := list -}}
{{- $test := "" -}}
{{- if or .Values.database.type .Values.database.roundcubeType -}}
{{- $oldValues = append $oldValues "database" -}}
{{- end -}}
{{- if kindIs "map" .Values.mail -}}
{{- $oldValues = append $oldValues "mail" -}}
{{- end -}}
{{- if kindIs "map" .Values.certmanager -}}
{{- $oldValues = append $oldValues "certmanager" -}}
{{- end -}}
{{- if .Values.front.externalService.pop3 -}}
{{- $oldValues = append $oldValues "front.externalService.pop3" -}}
{{- end -}}
{{- if .Values.front.externalService.imap -}}
{{- $oldValues = append $oldValues "front.externalService.imap" -}}
{{- end -}}
{{- if .Values.front.externalService.smtp -}}
{{- $oldValues = append $oldValues "front.externalService.smtp" -}}
{{- end -}}
{{- if .Values.front.controller -}}
{{- if .Values.front.controller.kind -}}
{{- $oldValues = append $oldValues "front.controller.kind" -}}
{{- end -}}
{{- end -}}
{{- if .Values.ingress.tlsFlavor -}}
{{- $oldValues = append $oldValues "ingress.tlsFlavor" -}}
{{- end -}}
{{- if .Values.ingress.externalIngress -}}
{{- $oldValues = append $oldValues "ingress.externalIngress" -}}
{{- end -}}
{{- $oldValues := without $oldValues "" -}}
{{- $oldValue := join "\n" $oldValues -}}
{{- if $oldValues -}}
Deprecated configuration keys found in Values:
{{- range $oldValues -}}
{{- printf "\n - `%s`" . -}}
{{- end }}
Are you upgrading from a version < 1.0.0?
Please read the upgrade guide at XXX.
{{- end -}}
{{- end -}}
{{/* Compile all warnings into a single message, and call fail. */}}
{{- define "mailu.validateValues" -}}
{{- $messages := list -}}
{{- $messages := append $messages (include "mailu.validateValues.deprecated" .) -}}
{{- $messages := append $messages (include "mailu.validateValues.domain" .) -}}
{{- $messages := append $messages (include "mailu.validateValues.tika" .) -}}
{{- $messages := without $messages "" -}}
{{- $message := join "\n" $messages -}}
{{- if $message -}}
{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}}
{{- end -}}
{{- end -}}
{{/* Validate values - 'domain' needs to be set */}}
{{- define "mailu.validateValues.domain" -}}
{{- if not .Values.domain }}
mailu: domain
You need to set the domain to be used
{{- end -}}
{{- end -}}
{{/* Check if .Values.tika.enabled and .Values.tika.languages is a non-empty array.
If .Values.tika.enabled is false, then mailu.fullTextSearch should be "off".
If .Values.tika.enabled is true, and .Values.tika.languages is an empty array, throw an error.
If .Values.tika.enabled is true, and .Values.tika.languages is a non-empty array, then mailu.fullTextSearch should be all languages joined by a comma.
*/}}
{{- define "mailu.validateValues.tika" -}}
{{- if .Values.tika.enabled -}}
{{/* Check if .Values.tika.languages is an empty array */}}
{{- if not .Values.tika.languages -}}
mailu: tika
Tika is enabled but no languages are set (tika.enabled = true, tika.languages = [])
You need to set at least one language for Tika in tika.languages
{{- end -}}
{{- end -}}
{{- end -}}
{{/* Check if .Values.tika.enabled is false or a comma-separated list of languages in .Values.tika.languages */}}
{{- define "mailu.fullTextSearch" -}}
{{- if .Values.tika.enabled -}}
{{- if not .Values.tika.languages -}}
{{- print "off" -}}
{{- else -}}
{{- join "," .Values.tika.languages -}}
{{- end -}}
{{- else -}}
{{- print "off" -}}
{{- end -}}
{{- end -}}

118
charts/mailu/templates/_secrets.tpl Normal file
View File

@ -0,0 +1,118 @@
{{/* Return mailu secretKey */}}
{{- define "mailu.secretKey" -}}
{{- include "common.secrets.passwords.manage" (dict "secret" (include "mailu.secretName" .) "key" "secret-key" "providedValues" (list "secretKey") "length" 10 "strong" true "context" .) }}
{{- end -}}
{{/* Get the mailu secret name. */}}
{{- define "mailu.secretName" -}}
{{- include "common.secrets.name" (dict "existingSecret" .Values.existingSecret "defaultNameSuffix" "secret" "context" .) }}
{{- end -}}
{{/* Return mailu initialAccount.password */}}
{{- define "mailu.initialAccount.password" -}}
{{- include "common.secrets.passwords.manage" (dict "secret" (include "mailu.initialAccount.secretName" .) "key" (include "mailu.initialAccount.secretKey" .) "providedValues" (list "initialAccount.password") "length" 10 "strong" true "context" .) }}
{{- end -}}
{{/* Returns the mailu initialAccount secret name */}}
{{- define "mailu.initialAccount.secretName" -}}
{{- include "common.secrets.name" (dict "existingSecret" .Values.initialAccount.existingSecret "defaultNameSuffix" "initial-account" "context" .) }}
{{- end -}}
{{/* Returns the mailu initialAccount key that contains the password in the secret */}}
{{- define "mailu.initialAccount.secretKey" -}}
{{ if .Values.initialAccount.existingSecretPasswordKey }}
{{- .Values.initialAccount.existingSecretPasswordKey -}}
{{- else -}}
{{- print "initial-account-password" -}}
{{- end -}}
{{- end -}}
{{/* Get the certificates secret name */}}
{{- define "mailu.certificatesSecretName" -}}
{{- include "common.secrets.name" (dict "existingSecret" .Values.ingress.existingSecret "defaultNameSuffix" "certificates" "context" .) }}
{{- end -}}
{{/* Get the mailu externalRelay secret */}}
{{- define "mailu.externalRelay.secretName" -}}
{{- include "common.secrets.name" (dict "existingSecret" .Values.externalRelay.existingSecret "defaultNameSuffix" "external-relay" "context" .) }}
{{- end -}}
{{/* Get the mailu externalRelay username value */}}
{{- define "mailu.externalRelay.username" -}}
{{- include "common.secrets.passwords.manage" (dict "secret" (include "mailu.externalRelay.secretName" .) "key" .Values.externalRelay.usernameKey "providedValues" (list "externalRelay.username") "length" 10 "strong" false "context" .) }}
{{- end -}}
{{/* Get the mailu externalRelay password value */}}
{{- define "mailu.externalRelay.password" -}}
{{- include "common.secrets.passwords.manage" (dict "secret" (include "mailu.externalRelay.secretName" .) "key" .Values.externalRelay.passwordKey "providedValues" (list "externalRelay.password") "length" 24 "strong" true "context" .) }}
{{- end -}}
{{/* Return mailu api.token */}}
{{- define "mailu.api.token" -}}
{{- include "common.secrets.passwords.manage" (dict "secret" (include "mailu.api.secretName" .) "key" (include "mailu.api.secretKey" .) "providedValues" (list "api.token") "length" 16 "strong" true "context" .) }}
{{- end -}}
{{/* Returns the mailu api secret name */}}
{{- define "mailu.api.secretName" -}}
{{- include "common.secrets.name" (dict "existingSecret" .Values.api.existingSecret "defaultNameSuffix" "api" "context" .) }}
{{- end -}}
{{/* Returns the mailu api key that contains the token in the secret */}}
{{- define "mailu.api.secretKey" -}}
{{ if .Values.api.existingSecretTokenKey }}
{{- .Values.api.existingSecretTokenKey -}}
{{- else -}}
{{- print "api-token" -}}
{{- end -}}
{{- end -}}
{{/* Get the mailu env vars secrets */}}
{{- define "mailu.envvars.secrets" -}}
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: {{ template "mailu.secretName" . }}
key: secret-key
{{- if .Values.initialAccount.enabled }}
- name: INITIAL_ADMIN_PW
valueFrom:
secretKeyRef:
name: {{ include "mailu.initialAccount.secretName" . }}
key: {{ include "mailu.initialAccount.secretKey" . }}
{{- end }}
{{- if not (eq (include "mailu.database.type" .) "sqlite") }}
- name: DB_PW
valueFrom:
secretKeyRef:
name: {{ include "mailu.database.secretName" . }}
key: {{ include "mailu.database.secretKey" . }}
{{- end }}
{{- if .Values.webmail.enabled }}
- name: ROUNDCUBE_DB_PW
valueFrom:
secretKeyRef:
name: {{ include "mailu.database.roundcube.secretName" . }}
key: {{ include "mailu.database.roundcube.secretKey" . }}
{{- end }}
{{- if .Values.externalRelay.host }}
- name: RELAYUSER
valueFrom:
secretKeyRef:
name: {{ include "mailu.externalRelay.secretName" . }}
key: {{ .Values.externalRelay.usernameKey }}
- name: RELAYPASSWORD
valueFrom:
secretKeyRef:
name: {{ include "mailu.externalRelay.secretName" . }}
key: {{ .Values.externalRelay.passwordKey }}
{{- end }}
{{- if .Values.api.enabled }}
- name: API_TOKEN
valueFrom:
secretKeyRef:
name: {{ include "mailu.api.secretName" . }}
key: {{ include "mailu.api.secretKey" . }}
{{- end }}
{{- end -}}

254
charts/mailu/templates/_services.tpl Normal file
View File

@ -0,0 +1,254 @@
{{/*
Mailu services:
- admin
- clamav
- dovecot
- fetchmail
- front
- postfix
- redis
- webmail
- rspamd
- webdav
- oletools
- tika
Service name can be retrieved with `mailu.SERVICE.serviceName`
Service fqdn (within cluster) can be retrieved with `mailu.SERVICE.serviceFqdn`
*/}}
{{/* Returns admin internal service name. */}}
{{- define "mailu.admin.serviceName" -}}
{{- printf "%s-admin" (include "mailu.fullname" .) -}}
{{- end -}}
{{/* Returns admin internal service fqdn. */}}
{{- define "mailu.admin.serviceFqdn" -}}
{{- printf "%s.%s.svc.%s" (include "mailu.admin.serviceName" . ) (include "common.names.namespace" . ) (include "mailu.clusterDomain" . ) -}}
{{- end -}}
{{/* Returns clamav internal service name. */}}
{{- define "mailu.clamav.serviceName" -}}
{{- printf "%s-clamav" (include "mailu.fullname" .) -}}
{{- end -}}
{{/* Returns clamav internal service fqdn. */}}
{{- define "mailu.clamav.serviceFqdn" -}}
{{- printf "%s.%s.svc.%s" (include "mailu.clamav.serviceName" . ) (include "common.names.namespace" . ) (include "mailu.clusterDomain" . ) -}}
{{- end -}}
{{/* Returns clamav internal headless service name. */}}
{{- define "mailu.clamav.serviceNameHeadless" -}}
{{- printf "%s-headless" (include "mailu.clamav.serviceName" .) -}}
{{- end -}}
{{/* Returns dovecot internal service name. */}}
{{- define "mailu.dovecot.serviceName" -}}
{{- printf "%s-dovecot" (include "mailu.fullname" .) -}}
{{- end -}}
{{/* Returns dovecot internal service fqdn. */}}
{{- define "mailu.dovecot.serviceFqdn" -}}
{{- printf "%s.%s.svc.%s" (include "mailu.dovecot.serviceName" . ) (include "common.names.namespace" . ) (include "mailu.clusterDomain" . ) -}}
{{- end -}}
{{/* Returns fetchmail internal service name. */}}
{{- define "mailu.fetchmail.serviceName" -}}
{{- printf "%s-fetchmail" (include "mailu.fullname" .) -}}
{{- end -}}
{{/* Returns fetchmail internal service fqdn. */}}
{{- define "mailu.fetchmail.serviceFqdn" -}}
{{- printf "%s.%s.svc.%s" (include "mailu.fetchmail.serviceName" . ) (include "common.names.namespace" . ) (include "mailu.clusterDomain" . ) -}}
{{- end -}}
{{/* Returns front internal service name. */}}
{{- define "mailu.front.serviceName" -}}
{{- printf "%s-front" (include "mailu.fullname" .) -}}
{{- end -}}
{{/* Returns front internal service fqdn. */}}
{{- define "mailu.front.serviceFqdn" -}}
{{- printf "%s.%s.svc.%s" (include "mailu.front.serviceName" . ) (include "common.names.namespace" . ) (include "mailu.clusterDomain" . ) -}}
{{- end -}}
{{/* Returns postfix internal service name. */}}
{{- define "mailu.postfix.serviceName" -}}
{{- printf "%s-postfix" (include "mailu.fullname" .) -}}
{{- end -}}
{{/* Returns postfix internal service fqdn. */}}
{{- define "mailu.postfix.serviceFqdn" -}}
{{- printf "%s.%s.svc.%s" (include "mailu.postfix.serviceName" . ) (include "common.names.namespace" . ) (include "mailu.clusterDomain" . ) -}}
{{- end -}}
{{/* Returns redis internal service name. */}}
{{- define "mailu.redis.serviceName" -}}
{{- printf "%s-master" (include "common.names.dependency.fullname" (dict "chartName" "redis" "chartValues" .Values.redis "context" $)) -}}
{{- end -}}
{{/* Returns redis service fqdn. */}}
{{- define "mailu.redis.serviceFqdn" -}}
{{- if .Values.externalRedis.enabled -}}
{{- if not .Values.externalRedis.host -}}
{{- fail "externalRedis.host must be set when externalRedis.enabled is true" -}}
{{- else -}}
{{- printf "%s" .Values.externalRedis.host -}}
{{- end -}}
{{- else -}}
{{- printf "%s.%s.svc.%s" (include "mailu.redis.serviceName" . ) (include "common.names.namespace" . ) (include "mailu.clusterDomain" . ) -}}
{{- end -}}
{{- end -}}
{{/* Returns redis port */}}
{{- define "mailu.redis.port" -}}
{{- if .Values.externalRedis.enabled -}}
{{- if not .Values.externalRedis.port -}}
{{- fail "externalRedis.port must be set when externalRedis.enabled is true" -}}
{{- else -}}
{{- printf "%d" (.Values.externalRedis.port | int) -}}
{{- end -}}
{{- else -}}
{{- printf "6379" -}}
{{- end -}}
{{- end -}}
{{/* Returns Redis database ID for the quota storage on the admin pod */}}
{{- define "mailu.redis.db.adminQuota" -}}
{{- if .Values.externalRedis.enabled -}}
{{- printf "%d" (.Values.externalRedis.adminQuotaDbId | int) -}}
{{- else -}}
{{- printf "1" -}}
{{- end -}}
{{- end -}}
{{/* Returns Redis database ID for the rate limit storage on the admin pod */}}
{{- define "mailu.redis.db.rateLimit" -}}
{{- if .Values.externalRedis.enabled -}}
{{- printf "%d" (.Values.externalRedis.adminRateLimitDbId | int) -}}
{{- else -}}
{{- printf "2" -}}
{{- end -}}
{{- end -}}
{{/* Returns webmail internal service name. */}}
{{- define "mailu.webmail.serviceName" -}}
{{- printf "%s-webmail" (include "mailu.fullname" .) -}}
{{- end -}}
{{/* Returns webmail internal service fqdn. */}}
{{- define "mailu.webmail.serviceFqdn" -}}
{{- printf "%s.%s.svc.%s" (include "mailu.webmail.serviceName" . ) (include "common.names.namespace" . ) (include "mailu.clusterDomain" . ) -}}
{{- end -}}
{{/* Returns rspamd internal service name. */}}
{{- define "mailu.rspamd.serviceName" -}}
{{- printf "%s-rspamd" (include "mailu.fullname" .) -}}
{{- end -}}
{{/* Returns rspamd internal service fqdn. */}}
{{- define "mailu.rspamd.serviceFqdn" -}}
{{- printf "%s.%s.svc.%s" (include "mailu.rspamd.serviceName" . ) (include "common.names.namespace" . ) (include "mailu.clusterDomain" . ) -}}
{{- end -}}
{{/* Returns webdav internal service name. */}}
{{- define "mailu.webdav.serviceName" -}}
{{- printf "%s-webdav" (include "mailu.fullname" .) -}}
{{- end -}}
{{/* Returns webdav internal service fqdn. */}}
{{- define "mailu.webdav.serviceFqdn" -}}
{{- printf "%s.%s.svc.%s" (include "mailu.webdav.serviceName" . ) (include "common.names.namespace" . ) (include "mailu.clusterDomain" . ) -}}
{{- end -}}
{{/* Returns oletools internal service name. */}}
{{- define "mailu.oletools.serviceName" -}}
{{- printf "%s-oletools" (include "mailu.fullname" .) -}}
{{- end -}}
{{/* Returns oletools internal service fqdn. */}}
{{- define "mailu.oletools.serviceFqdn" -}}
{{- printf "%s.%s.svc.%s" (include "mailu.oletools.serviceName" . ) (include "common.names.namespace" . ) (include "mailu.clusterDomain" . ) -}}
{{- end -}}
{{/* Returns tika internal service name. */}}
{{- define "mailu.tika.serviceName" -}}
{{- printf "%s-tika" (include "mailu.fullname" .) -}}
{{- end -}}
{{/* Returns tika internal service fqdn. */}}
{{- define "mailu.tika.serviceFqdn" -}}
{{- printf "%s.%s.svc.%s" (include "mailu.tika.serviceName" . ) (include "common.names.namespace" . ) (include "mailu.clusterDomain" . ) -}}
{{- end -}}
{{/* Combine the enabled ports that should be exposed into a comma-separated string */}}
{{- define "mailu.enabledPorts" -}}
{{- $enabledPorts := list -}}
{{- if .Values.ingress.enabled -}}
{{- $enabledPorts = append $enabledPorts "80" -}}
{{- $enabledPorts = append $enabledPorts "443" -}}
{{- end -}}
{{- if .Values.front.externalService.enabled -}}
{{- if .Values.front.externalService.ports.pop3 -}}
{{- $enabledPorts = append $enabledPorts "110" -}}
{{- end -}}
{{- if .Values.front.externalService.ports.pop3s -}}
{{- $enabledPorts = append $enabledPorts "995" -}}
{{- end -}}
{{- if .Values.front.externalService.ports.imap -}}
{{- $enabledPorts = append $enabledPorts "143" -}}
{{- end -}}
{{- if .Values.front.externalService.ports.imaps -}}
{{- $enabledPorts = append $enabledPorts "993" -}}
{{- end -}}
{{- if .Values.front.externalService.ports.smtp -}}
{{- $enabledPorts = append $enabledPorts "25" -}}
{{- end -}}
{{- if .Values.front.externalService.ports.smtps -}}
{{- $enabledPorts = append $enabledPorts "465" -}}
{{- end -}}
{{- if .Values.front.externalService.ports.submission -}}
{{- $enabledPorts = append $enabledPorts "587" -}}
{{- end -}}
{{- if .Values.front.externalService.ports.manageSieve -}}
{{- $enabledPorts = append $enabledPorts "4190" -}}
{{- end -}}
{{- end -}}
{{- $enabledPortsString := join "," $enabledPorts -}}
{{- printf "%s" $enabledPortsString -}}
{{- end -}}
{{/* Combine the ports for which PROXY protocol should be enabled into a comma-separated string */}}
{{- define "mailu.proxyProtocolPorts" -}}
{{- $proxyProtocolPorts := list -}}
{{- if .Values.front.externalService.enabled -}}
{{- if .Values.front.externalService.ports.pop3 -}}
{{- $proxyProtocolPorts = append $proxyProtocolPorts "110" -}}
{{- end -}}
{{- if .Values.front.externalService.ports.pop3s -}}
{{- $proxyProtocolPorts = append $proxyProtocolPorts "995" -}}
{{- end -}}
{{- if .Values.front.externalService.ports.imap -}}
{{- $proxyProtocolPorts = append $proxyProtocolPorts "143" -}}
{{- end -}}
{{- if .Values.front.externalService.ports.imaps -}}
{{- $proxyProtocolPorts = append $proxyProtocolPorts "993" -}}
{{- end -}}
{{- if .Values.front.externalService.ports.smtp -}}
{{- $proxyProtocolPorts = append $proxyProtocolPorts "25" -}}
{{- end -}}
{{- if .Values.front.externalService.ports.smtps -}}
{{- $proxyProtocolPorts = append $proxyProtocolPorts "465" -}}
{{- end -}}
{{- if .Values.front.externalService.ports.submission -}}
{{- $proxyProtocolPorts = append $proxyProtocolPorts "587" -}}
{{- end -}}
{{- if .Values.front.externalService.ports.manageSieve -}}
{{- $proxyProtocolPorts = append $proxyProtocolPorts "4190" -}}
{{- end -}}
{{- end -}}
{{- $proxyProtocolPortsString := join "," $proxyProtocolPorts -}}
{{/* if any ports are enabled and .front.realIpFrom is empty, fail */}}
{{- if and (gt (len $proxyProtocolPorts) 0) (not .Values.front.realIpFrom) -}}
{{- fail "PROXY protocol is enabled for some ports, but front.realIpFrom is not set" -}}
{{- end -}}
{{/* if any ports are enabled and .front.realIpHeader is set, fail */}}
{{- if and (gt (len $proxyProtocolPorts) 0) .Values.front.realIpHeader -}}
{{- fail "PROXY protocol is enabled for some ports, but front.realIpHeader is set" -}}
{{- end -}}
{{- printf "%s" $proxyProtocolPortsString -}}
{{- end -}}

141
charts/mailu/templates/admin/deployment.yaml Normal file
View File

@ -0,0 +1,141 @@
---
apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
kind: Deployment
metadata:
name: {{ printf "%s-admin" (include "mailu.fullname" .) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: admin
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
replicas: 1
{{- if .Values.admin.updateStrategy }}
strategy: {{- toYaml .Values.admin.updateStrategy | nindent 4 }}
{{- end }}
revisionHistoryLimit: {{ .Values.admin.revisionHistoryLimit }}
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: admin
template:
metadata:
labels: {{- include "common.labels.standard" . | nindent 8 }}
app.kubernetes.io/component: admin
{{- if .Values.admin.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.admin.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.admin.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.admin.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.admin.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.admin.hostAliases }}
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.admin.hostAliases "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.admin.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.admin.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.admin.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.admin.affinity "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.admin.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.admin.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.admin.priorityClassName }}
priorityClassName: {{ .Values.admin.priorityClassName | quote }}
{{- end }}
{{- if .Values.admin.schedulerName }}
schedulerName: {{ .Values.admin.schedulerName | quote }}
{{- end }}
{{- if .Values.admin.topologySpreadConstraints }}
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.admin.topologySpreadConstraints "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.admin.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.admin.terminationGracePeriodSeconds }}
{{- end }}
{{- if .Values.admin.initContainers }}
initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.admin.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.admin.podSecurityContext.enabled }}
securityContext: {{- omit .Values.admin.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
containers:
- name: admin
image: {{ .Values.imageRegistry }}/{{ .Values.admin.image.repository }}:{{ default (include "mailu.version" .) .Values.admin.image.tag }}
imagePullPolicy: {{ .Values.admin.image.pullPolicy }}
{{- if .Values.admin.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.admin.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
subPath: admin
mountPath: /data
- name: data
mountPath: /dkim
subPath: dkim
{{- if .Values.admin.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.admin.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
env:
- name: LOG_LEVEL
value: {{ default .Values.logLevel .Values.admin.logLevel }}
- name: QUOTA_STORAGE_URL
value: {{ printf "redis://%s:%s/%s" (include "mailu.redis.serviceFqdn" .) (include "mailu.redis.port" .) (include "mailu.redis.db.adminQuota" .) }}
{{- tpl (include "mailu.envvars.secrets" .) $ | nindent 12 }}
{{- if .Values.admin.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.admin.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
envFrom:
- configMapRef:
name: {{ printf "%s-envvars" (include "mailu.fullname" .) }}
{{- if .Values.admin.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.admin.extraEnvVarsCM "context" $) }}
{{- end }}
{{- if .Values.admin.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.admin.extraEnvVarsSecret "context" $) }}
{{- end }}
ports:
- name: http
containerPort: {{ int (include "mailu.admin.port" .) }}
protocol: TCP
{{- if .Values.admin.resources }}
resources: {{- toYaml .Values.admin.resources | nindent 12 }}
{{- end }}
{{- if .Values.admin.startupProbe.enabled }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.admin.startupProbe "enabled") "context" $) | nindent 12 }}
httpGet:
path: /ping
port: http
{{- end }}
{{- if .Values.admin.livenessProbe.enabled }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.admin.livenessProbe "enabled") "context" $) | nindent 12 }}
httpGet:
path: /ping
port: http
{{- end }}
{{- if .Values.admin.readinessProbe.enabled }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.admin.readinessProbe "enabled") "context" $) | nindent 12 }}
httpGet:
path: /ping
port: http
{{- end }}
securityContext:
capabilities:
add:
- NET_BIND_SERVICE
{{- if .Values.admin.extraContainers }}
{{- toYaml .Values.admin.extraContainers | nindent 8 }}
{{- end }}
volumes:
- name: data
persistentVolumeClaim:
claimName: {{ include "mailu.admin.claimName" . }}
{{- if .Values.admin.extraVolumes }}
{{- include "common.tplvalues.render" (dict "value" .Values.admin.extraVolumes "context" $) | nindent 8 }}
{{- end }}

33
charts/mailu/templates/admin/pvc.yaml Normal file
View File

@ -0,0 +1,33 @@
---
{{- if not .Values.persistence.single_pvc }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ include "mailu.admin.claimName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: admin
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if or .Values.admin.persistence.annotations .Values.commonAnnotations }}
annotations:
{{- if .Values.admin.persistence.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.admin.persistence.annotations "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- end }}
spec:
accessModes:
{{- range .Values.admin.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.admin.persistence.size | quote }}
{{- if .Values.admin.persistence.storageClass }}
storageClassName: {{ .Values.admin.persistence.storageClass }}
{{- end }}
{{- end }}

21
charts/mailu/templates/admin/service.yaml Normal file
View File

@ -0,0 +1,21 @@
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu.admin.serviceName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: admin
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.admin.service.annotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.admin.service.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: admin
ports:
- name: http
port: {{ int (include "mailu.admin.port" .) }}
protocol: TCP

36
charts/mailu/templates/clamav/service-headless.yaml Normal file
View File

@ -0,0 +1,36 @@
---
{{- if .Values.clamav.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu.clamav.serviceNameHeadless" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: clamav
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
annotations:
{{- if .Values.clamav.service.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.clamav.service.annotations "context" $) | nindent 4 }}
{{- end }}
# Use this annotation in addition to the actual publishNotReadyAddresses
# field below because the annotation will stop being respected soon but the
# field is broken in some versions of Kubernetes:
# https://github.com/kubernetes/kubernetes/issues/58662
service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
spec:
type: ClusterIP
clusterIP: None
# We want all pods in the StatefulSet to have their addresses published for
# the sake of the other Postgresql pods even before they're ready, since they
# have to be able to talk to each other in order to become ready.
publishNotReadyAddresses: true
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: clamav
ports:
- name: clamav
port: 3310
targetPort: clamav
protocol: TCP
{{- end }}

24
charts/mailu/templates/clamav/service.yaml Normal file
View File

@ -0,0 +1,24 @@
---
{{- if .Values.clamav.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu.clamav.serviceName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: clamav
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.clamav.service.annotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.clamav.service.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: clamav
ports:
- name: clamav
port: 3310
targetPort: clamav
protocol: TCP
{{- end }}

182
charts/mailu/templates/clamav/statefulset.yaml Normal file
View File

@ -0,0 +1,182 @@
---
{{- if .Values.clamav.enabled }}
apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }}
kind: StatefulSet
metadata:
name: {{ printf "%s-clamav" (include "mailu.fullname" .) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: clamav
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
replicas: {{ .Values.clamav.replicaCount }}
{{- if .Values.clamav.updateStrategy }}
updateStrategy:
{{- include "common.tplvalues.render" (dict "value" .Values.clamav.updateStrategy "context" $ ) | nindent 4 }}
{{- end }}
serviceName: {{ include "mailu.clamav.serviceNameHeadless" . | quote }}
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: clamav
template:
metadata:
labels: {{- include "common.labels.standard" . | nindent 8 }}
app.kubernetes.io/component: clamav
{{- if .Values.clamav.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.clamav.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.clamav.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.clamav.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.clamav.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.clamav.hostAliases }}
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.clamav.hostAliases "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.clamav.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.clamav.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.clamav.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.clamav.affinity "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.clamav.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.clamav.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.clamav.priorityClassName }}
priorityClassName: {{ .Values.clamav.priorityClassName | quote }}
{{- end }}
{{- if .Values.clamav.schedulerName }}
schedulerName: {{ .Values.clamav.schedulerName | quote }}
{{- end }}
{{- if .Values.clamav.topologySpreadConstraints }}
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.clamav.topologySpreadConstraints "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.clamav.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.clamav.terminationGracePeriodSeconds }}
{{- end }}
{{- if .Values.clamav.initContainers }}
initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.clamav.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.clamav.podSecurityContext.enabled }}
securityContext: {{- omit .Values.clamav.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
containers:
- name: clamav
image: {{ .Values.clamav.image.registry }}/{{ .Values.clamav.image.repository }}:{{ .Values.clamav.image.tag }}
imagePullPolicy: {{ .Values.clamav.image.pullPolicy }}
{{- if .Values.clamav.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.clamav.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
subPath: clamav
mountPath: /var/lib/clamav
{{- if .Values.clamav.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.clamav.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
env:
- name: LOG_LEVEL
value: {{ default .Values.logLevel .Values.clamav.logLevel }}
{{- tpl (include "mailu.envvars.secrets" .) $ | nindent 12 }}
{{- if .Values.clamav.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.clamav.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
envFrom:
- configMapRef:
name: {{ printf "%s-envvars" (include "mailu.fullname" .) }}
{{- if .Values.clamav.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.clamav.extraEnvVarsCM "context" $) }}
{{- end }}
{{- if .Values.clamav.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.clamav.extraEnvVarsSecret "context" $) }}
{{- end }}
ports:
- name: clamav
containerPort: 3310
protocol: TCP
{{- if .Values.clamav.resources }}
resources: {{- toYaml .Values.clamav.resources | nindent 12 }}
{{- end }}
{{- if .Values.clamav.startupProbe.enabled }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.clamav.startupProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- 'kill -0 `cat /tmp/clamd.pid` && kill -0 `cat /tmp/freshclam.pid`'
{{- end }}
{{- if .Values.clamav.livenessProbe.enabled }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.clamav.livenessProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- 'kill -0 `cat /tmp/clamd.pid` && kill -0 `cat /tmp/freshclam.pid`'
{{- end }}
{{- if .Values.clamav.readinessProbe.enabled }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.clamav.readinessProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- 'kill -0 `cat /tmp/clamd.pid` && kill -0 `cat /tmp/freshclam.pid`'
{{- end }}
{{- if .Values.clamav.extraContainers }}
{{- toYaml .Values.clamav.extraContainers | nindent 8 }}
{{- end }}
volumes:
{{- if .Values.clamav.extraVolumes }}
{{- include "common.tplvalues.render" (dict "value" .Values.clamav.extraVolumes "context" $) | nindent 8 }}
{{- end }}
{{- if not .Values.clamav.persistence.enabled }}
- name: data
emptyDir: {}
{{- else if .Values.clamav.persistence.existingClaim }}
- name: data
persistentVolumeClaim:
claimName: {{ printf "%s" (tpl .Values.clamav.persistence.existingClaim .) }}
{{- else }}
volumeClaimTemplates:
- metadata:
name: data
labels: {{- include "common.labels.standard" . | nindent 10 }}
app.kubernetes.io/component: clamav
{{- if .Values.clamav.persistence.labels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.clamav.persistence.labels "context" $ ) | nindent 10 }}
{{- end }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 10 }}
{{- end }}
{{- if or .Values.clamav.persistence.annotations .Values.commonAnnotations }}
annotations:
{{- if .Values.clamav.persistence.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.clamav.persistence.annotations "context" $ ) | nindent 10 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 10 }}
{{- end }}
{{- end }}
spec:
accessModes:
{{- range .Values.clamav.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.clamav.persistence.size | quote }}
{{- if .Values.clamav.persistence.selector }}
selector: {{- include "common.tplvalues.render" (dict "value" .Values.clamav.persistence.selector "context" $) | nindent 10 }}
{{- end }}
{{- if .Values.clamav.persistence.dataSource }}
dataSource: {{- include "common.tplvalues.render" (dict "value" .Values.clamav.persistence.dataSource "context" $) | nindent 10 }}
{{- end }}
{{- include "common.storage.class" (dict "persistence" .Values.clamav.persistence "global" .Values.global) | nindent 8 }}
{{- end }}
{{- end }}

19
charts/mailu/templates/dovecot/configmap.yaml Normal file
View File

@ -0,0 +1,19 @@
{{- if and .Values.dovecot.overrides .Values.dovecot.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ printf "%s-dovecot-override" (include "mailu.fullname" .) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: dovecot
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- with .Values.dovecot.overrides }}
data:
{{- .|toYaml|nindent 2 }}
{{ end }}
{{ end }}

164
charts/mailu/templates/dovecot/deployment.yaml Normal file
View File

@ -0,0 +1,164 @@
---
{{- if .Values.dovecot.enabled }}
apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
kind: Deployment
metadata:
name: {{ printf "%s-dovecot" (include "mailu.fullname" .) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: dovecot
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
replicas: 1
{{- if .Values.dovecot.updateStrategy }}
strategy: {{- toYaml .Values.dovecot.updateStrategy | nindent 4 }}
{{- end }}
revisionHistoryLimit: {{ .Values.dovecot.revisionHistoryLimit }}
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: dovecot
template:
metadata:
labels: {{- include "common.labels.standard" . | nindent 8 }}
app.kubernetes.io/component: dovecot
{{- if .Values.dovecot.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.dovecot.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.dovecot.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.dovecot.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.dovecot.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.dovecot.hostAliases }}
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.dovecot.hostAliases "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.dovecot.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.dovecot.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.dovecot.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.dovecot.affinity "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.dovecot.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.dovecot.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.dovecot.priorityClassName }}
priorityClassName: {{ .Values.dovecot.priorityClassName | quote }}
{{- end }}
{{- if .Values.dovecot.schedulerName }}
schedulerName: {{ .Values.dovecot.schedulerName | quote }}
{{- end }}
{{- if .Values.dovecot.topologySpreadConstraints }}
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.dovecot.topologySpreadConstraints "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.dovecot.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.dovecot.terminationGracePeriodSeconds }}
{{- end }}
{{- if .Values.dovecot.initContainers }}
initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.dovecot.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.dovecot.podSecurityContext.enabled }}
securityContext: {{- omit .Values.dovecot.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
containers:
- name: dovecot
image: {{ .Values.imageRegistry }}/{{ .Values.dovecot.image.repository }}:{{ default (include "mailu.version" .) .Values.dovecot.image.tag }}
imagePullPolicy: {{ .Values.dovecot.image.pullPolicy }}
{{- if .Values.dovecot.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.dovecot.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
subPath: dovecotdata
mountPath: /data
- name: data
subPath: dovecotmail
mountPath: /mail
{{- if .Values.dovecot.overrides }}
- name: overrides
mountPath: /overrides
{{- end }}
{{- if .Values.dovecot.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.dovecot.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
env:
- name: LOG_LEVEL
value: {{ default .Values.logLevel .Values.dovecot.logLevel }}
{{- tpl (include "mailu.envvars.secrets" .) $ | nindent 12 }}
{{- if .Values.dovecot.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.dovecot.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
envFrom:
- configMapRef:
name: {{ printf "%s-envvars" (include "mailu.fullname" .) }}
{{- if .Values.dovecot.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.dovecot.extraEnvVarsCM "context" $) }}
{{- end }}
{{- if .Values.dovecot.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.dovecot.extraEnvVarsSecret "context" $) }}
{{- end }}
ports:
- name: auth
containerPort: 2102
protocol: TCP
- name: lmtp
containerPort: 2525
protocol: TCP
- name: imap
containerPort: 143
protocol: TCP
- name: pop3
containerPort: 110
protocol: TCP
- name: sieve
containerPort: 4190
protocol: TCP
{{- if .Values.dovecot.resources }}
resources: {{- toYaml .Values.dovecot.resources | nindent 12 }}
{{- end }}
{{- if .Values.dovecot.startupProbe.enabled }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.dovecot.startupProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- 'kill -0 `cat /run/dovecot/master.pid`'
{{- end }}
{{- if .Values.dovecot.livenessProbe.enabled }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.dovecot.livenessProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- 'kill -0 `cat /run/dovecot/master.pid`'
{{- end }}
{{- if .Values.dovecot.readinessProbe.enabled }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.dovecot.readinessProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- 'kill -0 `cat /run/dovecot/master.pid`'
{{- end }}
{{- if .Values.dovecot.extraContainers }}
{{- toYaml .Values.dovecot.extraContainers | nindent 8 }}
{{- end }}
volumes:
- name: data
persistentVolumeClaim:
claimName: {{ include "mailu.dovecot.claimName" . }}
{{- if .Values.dovecot.overrides }}
- name: overrides
configMap:
name: {{ printf "%s-dovecot-override" (include "mailu.fullname" .) }}
{{- end }}
{{- if .Values.dovecot.extraVolumes }}
{{- include "common.tplvalues.render" (dict "value" .Values.dovecot.extraVolumes "context" $) | nindent 8 }}
{{- end }}
{{- end }}

35
charts/mailu/templates/dovecot/pvc.yaml Normal file
View File

@ -0,0 +1,35 @@
---
{{- if .Values.dovecot.enabled }}
{{- if not .Values.persistence.single_pvc }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ include "mailu.dovecot.claimName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: dovecot
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if or .Values.dovecot.persistence.annotations .Values.commonAnnotations }}
annotations:
{{- if .Values.dovecot.persistence.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.dovecot.persistence.annotations "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- end }}
spec:
accessModes:
{{- range .Values.dovecot.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.dovecot.persistence.size | quote }}
{{- if .Values.dovecot.persistence.storageClass }}
storageClassName: {{ .Values.dovecot.persistence.storageClass }}
{{- end }}
{{- end }}
{{- end }}

35
charts/mailu/templates/dovecot/service.yaml Normal file
View File

@ -0,0 +1,35 @@
---
{{- if .Values.dovecot.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu.dovecot.serviceName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: dovecot
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.dovecot.service.annotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.dovecot.service.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: dovecot
ports:
- name: imap-auth
port: 2102
protocol: TCP
- name: imap-transport
port: 2525
protocol: TCP
- name: imap-default
port: 143
protocol: TCP
- name: pop3
port: 110
protocol: TCP
- name: sieve
port: 4190
protocol: TCP
{{- end }}

177
charts/mailu/templates/envvars-configmap.yaml Normal file
View File

@ -0,0 +1,177 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ printf "%s-envvars" (include "mailu.fullname" .) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
data:
ADMIN: {{ .Values.admin.enabled | quote }}
ANTIVIRUS_ACTION: {{ .Values.rspamd.antivirusAction | quote }}
AUTH_RATELIMIT_EXEMPTION_LENGTH: {{ .Values.limits.authRatelimit.exemptionLength | quote }}
AUTH_RATELIMIT_EXEMPTION: {{ .Values.limits.authRatelimit.exemption | quote }}
AUTH_RATELIMIT_IP_V4_MASK: {{ .Values.limits.authRatelimit.ipv4Mask | quote }}
AUTH_RATELIMIT_IP_V6_MASK: {{ .Values.limits.authRatelimit.ipv6Mask | quote }}
AUTH_RATELIMIT_IP: {{ .Values.limits.authRatelimit.ip | quote }}
AUTH_RATELIMIT_USER: {{ .Values.limits.authRatelimit.user | quote }}
AUTH_REQUIRE_TOKENS: {{ .Values.authRequireTokens | quote }}
BABEL_DEFAULT_LOCALE: "en"
BABEL_DEFAULT_TIMEZONE: "UTC"
BOOTSTRAP_SERVE_LOCAL: "true"
COMPRESSION_LEVEL: {{ .Values.dovecot.compressionLevel | quote }}
COMPRESSION: {{ .Values.dovecot.compression | quote }}
CREDENTIAL_ROUNDS: {{ .Values.credentialRounds | quote }}
DB_FLAVOR: {{ include "mailu.database.type" . }}
DB_HOST: {{ printf "%s:%s" (include "mailu.database.host" .) (include "mailu.database.port" .) | quote}}
DB_NAME: {{ include "mailu.database.name" . }}
# DB_PW => via secret
DB_USER: {{ include "mailu.database.username" . }}
DEBUG_ASSETS: ""
DEBUG: "false"
DEBUG_PROFILER: "false"
DEBUG_TB_INTERCEPT_REDIRECTS: "false"
DEFAULT_QUOTA: "1000000000"
DEFAULT_SPAM_THRESHOLD: "80"
DEFER_ON_TLS_ERROR: {{ .Values.tls.deferOnError | quote }}
DISABLE_STATISTICS: "false"
DKIM_PATH: "/dkim/{domain}.{selector}.key"
DKIM_SELECTOR: "dkim"
DMARC_RUA: {{ .Values.dmarc.rua | quote }}
DMARC_RUF: {{ .Values.dmarc.ruf | quote }}
DOMAIN_REGISTRATION: "false"
DOMAIN: {{ .Values.domain | quote }}
FETCHMAIL_DELAY: {{ .Values.fetchmail.delay | quote }}
FETCHMAIL_ENABLED: {{ .Values.fetchmail.enabled | quote }}
HOSTNAMES: {{ join "," .Values.hostnames }}
INBOUND_TLS_ENFORCE: {{ .Values.tls.inboundEnforce | quote }}
INSTANCE_ID_PATH: "/data/instance"
KUBERNETES_INGRESS: {{ .Values.ingress.enabled | quote }}
LETSENCRYPT_SHORTCHAIN: {{ .Values.letsencryptShortchain | quote }}
LOG_LEVEL: {{ .Values.logLevel | quote }}
LOGO_BACKGROUND: {{ .Values.customization.logoBackground | quote }}
LOGO_URL: {{ .Values.customization.logoUrl | quote }}
MAILU_HELM_CHART: "true"
# Temporary workaround for https://github.com/Mailu/helm-charts/issues/309 until MAILU_HELM_CHART is taken into consideration in Mailu
I_KNOW_MY_SETUP_DOESNT_FIT_REQUIREMENTS_AND_WONT_FILE_ISSUES_WITHOUT_PATCHES: "true"
MEMORY_SESSIONS: "false"
MESSAGE_RATELIMIT_EXEMPTION: {{ .Values.limits.messageRatelimit.exemption | quote }}
MESSAGE_RATELIMIT: {{ .Values.limits.messageRatelimit.value | quote }}
MESSAGE_SIZE_LIMIT: "{{ mul .Values.limits.messageSizeLimitInMegabytes (mul 1024 1024) }}"
OUTBOUND_TLS_LEVEL: {{ .Values.tls.outboundLevel | quote }}
PERMANENT_SESSION_LIFETIME: {{ .Values.permanentSessionLifetime | int64 | quote }}
PORTS: {{ include "mailu.enabledPorts" . }}
POSTMASTER: {{ .Values.postmaster | quote }}
PROXY_AUTH_CREATE: {{ .Values.proxyAuth.create | quote }}
PROXY_AUTH_HEADER: {{ .Values.proxyAuth.header | quote }}
PROXY_AUTH_WHITELIST: {{ .Values.proxyAuth.whitelist | quote }}
PROXY_PROTOCOL: {{ include "mailu.proxyProtocolPorts" . | quote }}
RATELIMIT_STORAGE_URL: {{ printf "redis://%s:%s/%s" (include "mailu.redis.serviceFqdn" .) (include "mailu.redis.port" .) (include "mailu.redis.db.rateLimit" .) }}
REAL_IP_FROM: {{ .Values.ingress.realIpFrom | quote }}
REAL_IP_HEADER: {{ .Values.ingress.realIpHeader | quote }}
RECAPTCHA_PRIVATE_KEY: ""
RECAPTCHA_PUBLIC_KEY: ""
RECIPIENT_DELIMITER: {{ .Values.recipientDelimiter | quote }}
REJECT_UNLISTED_RECIPIENT: "yes"
RELAYHOST: {{ .Values.externalRelay.host | quote }}
RELAYNETS: {{ (join "," .Values.externalRelay.networks) | quote }}
ROUNDCUBE_DB_FLAVOR: {{ include "mailu.database.type" . }}
# SECRET_KEY => via secret
SESSION_COOKIE_SECURE: {{ .Values.sessionCookieSecure | quote }}
# SESSION_KEY_BITS: 128 # TODO: Fix Mailu to parse int when from string
SESSION_TIMEOUT: {{ .Values.sessionTimeout | quote }}
SITENAME: {{ .Values.customization.siteName | quote }}
SQLALCHEMY_DATABASE_URI: "sqlite:////data/main.db"
SQLALCHEMY_TRACK_MODIFICATIONS: "false"
SQLITE_DATABASE_FILE: "data/main.db"
STATS_ENDPOINT: "19.{}.stats.mailu.io"
SUBNET6: {{ .Values.subnet6 | quote }}
SUBNET: {{ .Values.subnet | quote }}
TEMPLATES_AUTO_RELOAD: "true"
TLS_FLAVOR: {{ include "mailu.tlsFlavor" . }}
TLS_PERMISSIVE: "true"
TZ: {{ .Values.timezone | quote }}
WEB_ADMIN: {{ .Values.admin.uri | quote }}
WEBSITE: {{ .Values.customization.website | quote }}
WELCOME_BODY: {{ .Values.welcomeMessage.body | quote }}
WELCOME_SUBJECT: {{ .Values.welcomeMessage.subject | quote }}
WELCOME: {{ .Values.welcomeMessage.enabled | quote}}
WILDCARD_SENDERS: {{ .Values.wildcardSenders | join "," | quote }}
# Addresses
ADMIN_ADDRESS: {{ include "mailu.admin.serviceFqdn" . }}
ANTISPAM_ADDRESS: {{ include "mailu.rspamd.serviceFqdn" . }}
FRONT_ADDRESS: {{ include "mailu.front.serviceFqdn" . }}
IMAP_ADDRESS: {{ include "mailu.dovecot.serviceFqdn" . }}
REDIS_ADDRESS: {{ include "mailu.redis.serviceFqdn" . }}
SMTP_ADDRESS: {{ include "mailu.postfix.serviceFqdn" . }}
{{- if not (eq (include "mailu.database.type" .) "sqlite") }}
{{- if .Values.webmail.enabled }}
ROUNDCUBE_DB_USER: {{ include "mailu.database.roundcube.username" . }}
ROUNDCUBE_DB_NAME: {{ include "mailu.database.roundcube.name" . }}
ROUNDCUBE_DB_HOST: {{ printf "%s:%s" (include "mailu.database.host" .) (include "mailu.database.port" .) | quote}}
{{- end }}
{{- end }}
{{- if .Values.initialAccount.enabled }}
INITIAL_ADMIN_MODE: {{ .Values.initialAccount.mode | quote }}
INITIAL_ADMIN_ACCOUNT: {{ .Values.initialAccount.username | quote }}
INITIAL_ADMIN_DOMAIN: {{ .Values.initialAccount.domain | quote }}
{{- end }}
{{- if .Values.webmail.enabled }}
WEBMAIL: {{ .Values.webmail.type | quote }}
WEB_WEBMAIL: {{ .Values.webmail.uri | quote }}
WEBMAIL_ADDRESS: {{ include "mailu.webmail.serviceFqdn" . }}
WEBROOT_REDIRECT: {{ .Values.webmail.uri | quote }}
ROUNDCUBE_PLUGINS: {{ (join "," .Values.webmail.roundcubePlugins) | quote }}
{{- else }}
WEBMAIL: none
WEBMAIL_ADDRESS: localhost
WEB_WEBMAIL: /
WEBROOT_REDIRECT: /admin/
{{- end }}
{{- if .Values.webdav.enabled }}
WEBDAV: radicale
WEBDAV_ADDRESS: {{ include "mailu.webdav.serviceFqdn" . }}
{{- else }}
WEBDAV: none
WEBDAV_ADDRESS: localhost
{{- end }}
{{- if .Values.clamav.enabled }}
ANTIVIRUS: clamav
ANTIVIRUS_ADDRESS: {{ include "mailu.clamav.serviceFqdn" . }}
{{- else }}
ANTIVIRUS: none
ANTIVIRUS_ADDRESS: localhost
{{- end }}
{{- if .Values.oletools.enabled }}
OLETOOLS_ADDRESS: {{ include "mailu.oletools.serviceFqdn" . }}
SCAN_MACROS: "true"
{{- else }}
SCAN_MACROS: "false"
{{- end }}
{{- if .Values.tika.enabled }}
FULL_TEXT_SEARCH: {{ include "mailu.fullTextSearch" . }}
FULL_TEXT_SEARCH_ATTACHMENTS: "true"
FTS_ATTACHMENTS_ADDRESS: {{ include "mailu.tika.serviceFqdn" . }}
{{- else }}
FULL_TEXT_SEARCH_ATTACHMENTS: "false"
{{- end}}
{{- if .Values.api.enabled }}
API: "true"
WEB_API: {{ .Values.api.webPath | quote }}
{{- else }}
API: "false"
{{- end }}

147
charts/mailu/templates/fetchmail/deployment.yaml Normal file
View File

@ -0,0 +1,147 @@
---
{{- if .Values.fetchmail.enabled }}
apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
kind: Deployment
metadata:
name: {{ printf "%s-fetchmail" (include "mailu.fullname" .) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: fetchmail
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
replicas: 1
{{- if .Values.fetchmail.updateStrategy }}
strategy: {{- toYaml .Values.fetchmail.updateStrategy | nindent 4 }}
{{- end }}
revisionHistoryLimit: {{ .Values.fetchmail.revisionHistoryLimit }}
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: fetchmail
template:
metadata:
labels: {{- include "common.labels.standard" . | nindent 8 }}
app.kubernetes.io/component: fetchmail
{{- if .Values.fetchmail.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.fetchmail.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.fetchmail.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.fetchmail.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.fetchmail.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.fetchmail.hostAliases }}
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.fetchmail.hostAliases "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.fetchmail.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.fetchmail.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.fetchmail.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.fetchmail.affinity "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.fetchmail.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.fetchmail.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.fetchmail.priorityClassName }}
priorityClassName: {{ .Values.fetchmail.priorityClassName | quote }}
{{- end }}
{{- if .Values.fetchmail.schedulerName }}
schedulerName: {{ .Values.fetchmail.schedulerName | quote }}
{{- end }}
{{- if .Values.fetchmail.topologySpreadConstraints }}
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.fetchmail.topologySpreadConstraints "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.fetchmail.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.fetchmail.terminationGracePeriodSeconds }}
{{- end }}
{{- if .Values.fetchmail.initContainers }}
initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.fetchmail.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.fetchmail.podSecurityContext.enabled }}
securityContext: {{- omit .Values.fetchmail.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
containers:
- name: fetchmail
image: {{ .Values.imageRegistry }}/{{ .Values.fetchmail.image.repository }}:{{ default (include "mailu.version" .) .Values.fetchmail.image.tag }}
imagePullPolicy: {{ .Values.fetchmail.image.pullPolicy }}
{{- if .Values.fetchmail.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.fetchmail.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
subPath: fetchmail
mountPath: /data
{{- if .Values.fetchmail.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.fetchmail.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
env:
- name: DEBUG
{{- if eq (default .Values.logLevel .Values.fetchmail.logLevel) "DEBUG" }}
value: "True"
{{- else }}
value: "False"
{{- end }}
{{- tpl (include "mailu.envvars.secrets" .) $ | nindent 12 }}
{{- if .Values.fetchmail.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.fetchmail.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
envFrom:
- configMapRef:
name: {{ printf "%s-envvars" (include "mailu.fullname" .) }}
{{- if .Values.fetchmail.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.fetchmail.extraEnvVarsCM "context" $) }}
{{- end }}
{{- if .Values.fetchmail.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.fetchmail.extraEnvVarsSecret "context" $) }}
{{- end }}
ports:
- name: fetchmail
containerPort: 5232
protocol: TCP
- name: http
containerPort: 80
protocol: TCP
{{- if .Values.fetchmail.resources }}
resources: {{- toYaml .Values.fetchmail.resources | nindent 12 }}
{{- end }}
{{- if .Values.fetchmail.startupProbe.enabled }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.fetchmail.startupProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- 'ps ax | grep [/]fetchmail.py'
{{- end }}
{{- if .Values.fetchmail.livenessProbe.enabled }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.fetchmail.livenessProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- 'ps ax | grep [/]fetchmail.py'
{{- end }}
{{- if .Values.fetchmail.readinessProbe.enabled }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.fetchmail.readinessProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- 'ps ax | grep [/]fetchmail.py'
{{- end }}
{{- if .Values.fetchmail.extraContainers }}
{{- toYaml .Values.fetchmail.extraContainers | nindent 8 }}
{{- end }}
volumes:
- name: data
persistentVolumeClaim:
claimName: {{ include "mailu.fetchmail.claimName" . }}
{{- if .Values.fetchmail.extraVolumes }}
{{- include "common.tplvalues.render" (dict "value" .Values.fetchmail.extraVolumes "context" $) | nindent 8 }}
{{- end }}
{{- end }}

33
charts/mailu/templates/fetchmail/pvc.yaml Normal file
View File

@ -0,0 +1,33 @@
---
{{- if and (.Values.fetchmail.enabled) (not .Values.persistence.single_pvc) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ include "mailu.fetchmail.claimName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: fetchmail
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if or .Values.fetchmail.persistence.annotations .Values.commonAnnotations }}
annotations:
{{- if .Values.fetchmail.persistence.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.fetchmail.persistence.annotations "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- end }}
spec:
accessModes:
{{- range .Values.fetchmail.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.fetchmail.persistence.size | quote }}
{{- if .Values.fetchmail.persistence.storageClass }}
storageClassName: {{ .Values.fetchmail.persistence.storageClass }}
{{- end }}
{{- end }}

206
charts/mailu/templates/front/deployment.yaml Normal file
View File

@ -0,0 +1,206 @@
---
apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
kind: {{ .Values.front.kind }}
metadata:
name: {{ printf "%s-front" (include "mailu.fullname" .) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: front
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
{{- if eq .Values.front.kind "Deployment" }}
replicas: {{ .Values.front.replicaCount }}
{{- end }}
{{- if and .Values.front.updateStrategy (eq .Values.front.kind "Deployment") }}
strategy: {{- toYaml .Values.front.updateStrategy | nindent 4 }}
{{- end }}
{{- if and .Values.front.updateStrategy (eq .Values.front.kind "DaemonSet") }}
updateStrategy: {{- toYaml .Values.front.updateStrategy | nindent 4 }}
{{- end }}
revisionHistoryLimit: {{ .Values.front.revisionHistoryLimit }}
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: front
template:
metadata:
labels: {{- include "common.labels.standard" . | nindent 8 }}
app.kubernetes.io/component: front
{{- if .Values.front.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.front.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.front.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.front.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.front.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.front.hostAliases }}
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.front.hostAliases "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.front.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.front.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.front.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.front.affinity "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.front.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.front.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.front.priorityClassName }}
priorityClassName: {{ .Values.front.priorityClassName | quote }}
{{- end }}
{{- if .Values.front.schedulerName }}
schedulerName: {{ .Values.front.schedulerName | quote }}
{{- end }}
{{- if .Values.front.topologySpreadConstraints }}
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.front.topologySpreadConstraints "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.front.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.front.terminationGracePeriodSeconds }}
{{- end }}
{{- if .Values.front.initContainers }}
initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.front.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.front.podSecurityContext.enabled }}
securityContext: {{- omit .Values.front.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
containers:
- name: front
image: {{ .Values.imageRegistry }}/{{ .Values.front.image.repository }}:{{ default (include "mailu.version" .) .Values.front.image.tag }}
imagePullPolicy: {{ .Values.front.image.pullPolicy }}
{{- if .Values.front.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.front.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
volumeMounts:
- name: certs
mountPath: /certs
{{- if .Values.front.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.front.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
env:
- name: LOG_LEVEL
value: {{ default .Values.logLevel .Values.front.logLevel }}
{{- tpl (include "mailu.envvars.secrets" .) $ | nindent 12 }}
{{- if .Values.front.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.front.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
envFrom:
- configMapRef:
name: {{ printf "%s-envvars" (include "mailu.fullname" .) }}
{{- if .Values.front.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.front.extraEnvVarsCM "context" $) }}
{{- end }}
{{- if .Values.front.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.front.extraEnvVarsSecret "context" $) }}
{{- end }}
ports:
- name: pop3
protocol: TCP
containerPort: 110
{{- if .Values.front.hostPort.enabled }}
hostPort: 110
{{- end}}
- name: pop3s
protocol: TCP
containerPort: 995
{{- if .Values.front.hostPort.enabled }}
hostPort: 995
{{- end}}
- name: imap
protocol: TCP
containerPort: 143
{{- if .Values.front.hostPort.enabled }}
hostPort: 143
{{- end}}
- name: imaps
protocol: TCP
containerPort: 993
{{- if .Values.front.hostPort.enabled }}
hostPort: 993
{{- end}}
- name: smtp
protocol: TCP
containerPort: 25
{{- if .Values.front.hostPort.enabled }}
hostPort: 25
{{- end}}
- name: smtps
protocol: TCP
containerPort: 465
{{- if .Values.front.hostPort.enabled }}
hostPort: 465
{{- end}}
- name: smtp-auth
protocol: TCP
containerPort: 10025
- name: imap-auth
protocol: TCP
containerPort: 10143
- name: smtpd
protocol: TCP
containerPort: 587
{{- if .Values.front.hostPort.enabled }}
hostPort: 587
{{- end}}
- name: auth
containerPort: 8000
protocol: TCP
- name: http
containerPort: 80
protocol: TCP
- name: sieve
containerPort: 14190
protocol: TCP
{{ if not .Values.ingress.enabled }}
- name: https
containerPort: 443
protocol: TCP
{{end}}
{{- if .Values.front.resources }}
resources: {{- toYaml .Values.front.resources | nindent 12 }}
{{- end }}
{{- if .Values.front.startupProbe.enabled }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.front.startupProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- 'curl -skfLo /dev/null http://127.0.0.1:10204/health && kill -0 `cat /run/dovecot/master.pid`'
{{- end }}
{{- if .Values.front.livenessProbe.enabled }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.front.livenessProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- 'curl -skfLo /dev/null http://127.0.0.1:10204/health && kill -0 `cat /run/dovecot/master.pid`'
{{- end }}
{{- if .Values.front.readinessProbe.enabled }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.front.readinessProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- 'curl -skfLo /dev/null http://127.0.0.1:10204/health && kill -0 `cat /run/dovecot/master.pid`'
{{- end }}
{{- if .Values.front.extraContainers }}
{{- toYaml .Values.front.extraContainers | nindent 8 }}
{{- end }}
volumes:
- name: certs
secret:
items:
- key: tls.crt
path: cert.pem
- key: tls.key
path: key.pem
secretName: {{ include "mailu.certificatesSecretName" . }}
{{- if .Values.front.extraVolumes }}
{{- include "common.tplvalues.render" (dict "value" .Values.front.extraVolumes "context" $) | nindent 8 }}
{{- end }}

65
charts/mailu/templates/front/ingress.yaml Normal file
View File

@ -0,0 +1,65 @@
---
{{/* TODO: add support for Traefik */}}
{{- if .Values.ingress.enabled }}
apiVersion: {{ include "common.capabilities.ingress.apiVersion" . }}
kind: Ingress
metadata:
name: {{ include "mailu.fullname" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
annotations:
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
{{- if .Values.ingress.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.ingress.annotations "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
{{- if and .Values.ingress.ingressClassName (eq "true" (include "common.ingress.supportsIngressClassname" .)) }}
ingressClassName: {{ .Values.ingress.ingressClassName | quote }}
{{- end }}
rules:
{{- range .Values.hostnames }}
- host: {{ . | quote }}
http:
paths:
{{- if $.Values.ingress.extraPaths }}
{{- toYaml $.Values.ingress.extraPaths | nindent 10 }}
{{- end }}
- path: {{ $.Values.ingress.path }}
{{- if eq "true" (include "common.ingress.supportsPathType" $) }}
pathType: {{ $.Values.ingress.pathType }}
{{- end }}
backend: {{- include "common.ingress.backend" (dict "serviceName" (include "mailu.front.serviceName" $) "servicePort" "https" "context" $) | nindent 14 }}
{{- end }}
{{- range .Values.ingress.extraHosts }}
- host: {{ .name | quote }}
http:
paths:
- path: {{ default "/" .path }}
{{- if eq "true" (include "common.ingress.supportsPathType" $) }}
pathType: {{ default "ImplementationSpecific" .pathType }}
{{- end }}
backend: {{- include "common.ingress.backend" (dict "serviceName" (include "mailu.front.serviceName" $) "servicePort" "https" "context" $) | nindent 14 }}
{{- end }}
{{- if .Values.ingress.extraRules }}
{{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraRules "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- if or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.secrets .Values.ingress.selfSigned .Values.ingress.existingSecret }}
- secretName: {{ include "mailu.certificatesSecretName" . }}
hosts:
{{- range .Values.hostnames }}
- {{ . | quote }}
{{- end }}
{{- end }}
{{- if .Values.ingress.extraTls }}
{{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraTls "context" $) | nindent 4 }}
{{- end }}
{{- end }}
{{- end }}

91
charts/mailu/templates/front/service-external.yaml Normal file
View File

@ -0,0 +1,91 @@
{{- if .Values.front.externalService.enabled -}}
---
apiVersion: v1
kind: Service
metadata:
name: {{ printf "%s-ext" (include "mailu.front.serviceName" .) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: front
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.front.externalService.annotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.front.externalService.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: front
{{- with .Values.front.externalService }}
type: {{ .type | default "ClusterIP" }}
externalTrafficPolicy: {{ .externalTrafficPolicy | default "Local" }}
{{- if .loadBalancerIP }}
loadBalancerIP: {{ .loadBalancerIP }}
{{- end }}
ports:
{{- if .ports.pop3 }}
- name: pop3
port: 110
protocol: TCP
{{ if eq $.Values.front.externalService.type "NodePort" -}}
nodePort: {{ .nodePorts.pop3 }}
{{- end }}
{{- end }}
{{- if .ports.pop3s }}
- name: pop3s
port: 995
protocol: TCP
{{ if eq $.Values.front.externalService.type "NodePort" -}}
nodePort: {{ .nodePorts.pop3s }}
{{- end }}
{{- end }}
{{- if .ports.imap }}
- name: imap
port: 143
protocol: TCP
{{ if eq $.Values.front.externalService.type "NodePort" -}}
nodePort: {{ .nodePorts.imap }}
{{- end }}
{{- end }}
{{- if .ports.imaps }}
- name: imaps
port: 993
protocol: TCP
{{ if eq $.Values.front.externalService.type "NodePort" -}}
nodePort: {{ .nodePorts.imaps }}
{{- end }}
{{- end }}
{{- if .ports.smtp }}
- name: smtp
port: 25
protocol: TCP
{{ if eq $.Values.front.externalService.type "NodePort" -}}
nodePort: {{ .nodePorts.smtp }}
{{- end }}
{{- end }}
{{- if .ports.smtps }}
- name: smtps
port: 465
protocol: TCP
{{ if eq $.Values.front.externalService.type "NodePort" -}}
nodePort: {{ .nodePorts.smtps }}
{{- end }}
{{- end }}
{{- if .ports.submission }}
- name: smtpd
port: 587
protocol: TCP
{{ if eq $.Values.front.externalService.type "NodePort" -}}
nodePort: {{ .nodePorts.submission }}
{{- end }}
{{- end }}
{{- if .ports.manageSieve }}
- name: sieve
port: 4190
protocol: TCP
{{ if eq $.Values.front.externalService.type "NodePort" -}}
nodePort: {{ .nodePorts.manageSieve }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

57
charts/mailu/templates/front/service.yaml Normal file
View File

@ -0,0 +1,57 @@
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu.front.serviceName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: front
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.front.service.annotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.front.service.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: front
ports:
- name: pop3
port: 110
protocol: TCP
- name: pop3s
port: 995
protocol: TCP
- name: imap
port: 143
protocol: TCP
- name: imaps
port: 993
protocol: TCP
- name: smtp
port: 25
protocol: TCP
- name: smtps
port: 465
protocol: TCP
- name: smtpd
port: 587
protocol: TCP
- name: lmtp
port: 2525
protocol: TCP
- name: smtp-auth
port: 10025
protocol: TCP
- name: imap-auth
port: 10143
protocol: TCP
- name: http
port: 80
protocol: TCP
- name: sieve
port: 14190
protocol: TCP
- name: https
port: 443
protocol: TCP

120
charts/mailu/templates/network-policies.yaml Normal file
View File

@ -0,0 +1,120 @@
{{- if and .Values.networkPolicy.enabled }}
---
apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }}
kind: NetworkPolicy
metadata:
name: {{ printf "%s-default-deny" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
{{- end }}
spec:
podSelector:
matchLabels:
app.kubernetes.io/instance: {{ .Release.Name }}
policyTypes:
- Ingress
- Egress
ingress: []
egress: []
---
apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }}
kind: NetworkPolicy
metadata:
name: {{ printf "%s-allow-egress-all" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
{{- end }}
spec:
podSelector:
matchLabels:
app.kubernetes.io/instance: {{ .Release.Name }}
policyTypes:
- Egress
egress:
- {}
---
---
apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }}
kind: NetworkPolicy
metadata:
name: {{ printf "%s-allow-front" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
{{- end }}
spec:
podSelector:
matchLabels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: front
ingress:
# Allow ports 80/TCP, 443/TCP for ingress controller
- ports:
- port: 80
protocol: TCP
- port: 443
protocol: TCP
from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: {{ .Values.networkPolicy.ingressController.namespace }}
podSelector:
{{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.ingressController.podSelector "context" $) | nindent 10 }}
# Allow ports 25/TCP, 110/TCP, 143/TCP, 465/TCP, 587/TCP, 995/TCP, 993/TCP, 4190/TCP through loadbalancer
- ports:
- port: 25
protocol: TCP
- port: 110
protocol: TCP
- port: 143
protocol: TCP
- port: 465
protocol: TCP
- port: 587
protocol: TCP
- port: 995
protocol: TCP
- port: 993
protocol: TCP
- port: 4190
protocol: TCP
---
apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }}
kind: NetworkPolicy
metadata:
name: {{ printf "%s-allow-internal" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }}
namespace: {{ .Release.Namespace }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
{{- end }}
spec:
podSelector:
matchLabels:
app.kubernetes.io/instance: {{ .Release.Name }}
ingress:
- from:
- namespaceSelector:
matchLabels:
kubernetes.io/metadata.name: {{ .Release.Namespace }}
podSelector:
matchLabels:
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

134
charts/mailu/templates/oletools/deployment.yaml Normal file
View File

@ -0,0 +1,134 @@
---
{{- if .Values.oletools.enabled }}
apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
kind: Deployment
metadata:
name: {{ printf "%s-oletools" (include "mailu.fullname" .) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: oletools
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
replicas: 1
{{- if .Values.oletools.updateStrategy }}
strategy: {{- toYaml .Values.oletools.updateStrategy | nindent 4 }}
{{- end }}
revisionHistoryLimit: {{ .Values.oletools.revisionHistoryLimit }}
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: oletools
template:
metadata:
labels: {{- include "common.labels.standard" . | nindent 8 }}
app.kubernetes.io/component: oletools
{{- if .Values.oletools.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.oletools.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.oletools.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.oletools.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.oletools.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.oletools.hostAliases }}
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.oletools.hostAliases "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.oletools.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.oletools.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.oletools.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.oletools.affinity "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.oletools.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.oletools.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.oletools.priorityClassName }}
priorityClassName: {{ .Values.oletools.priorityClassName | quote }}
{{- end }}
{{- if .Values.oletools.schedulerName }}
schedulerName: {{ .Values.oletools.schedulerName | quote }}
{{- end }}
{{- if .Values.oletools.topologySpreadConstraints }}
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.oletools.topologySpreadConstraints "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.oletools.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.oletools.terminationGracePeriodSeconds }}
{{- end }}
{{- if .Values.oletools.initContainers }}
initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.oletools.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.oletools.podSecurityContext.enabled }}
securityContext: {{- omit .Values.oletools.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
containers:
- name: oletools
image: {{ .Values.imageRegistry }}/{{ .Values.oletools.image.repository }}:{{ default (include "mailu.version" .) .Values.oletools.image.tag }}
imagePullPolicy: {{ .Values.oletools.image.pullPolicy }}
{{- if .Values.oletools.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.oletools.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
{{- if .Values.oletools.extraVolumeMounts }}
volumeMounts:
{{- include "common.tplvalues.render" (dict "value" .Values.oletools.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
env:
- name: LOG_LEVEL
value: {{ default .Values.logLevel .Values.oletools.logLevel }}
{{- tpl (include "mailu.envvars.secrets" .) $ | nindent 12 }}
{{- if .Values.oletools.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.oletools.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
envFrom:
- configMapRef:
name: {{ printf "%s-envvars" (include "mailu.fullname" .) }}
{{- if .Values.oletools.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.oletools.extraEnvVarsCM "context" $) }}
{{- end }}
{{- if .Values.oletools.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.oletools.extraEnvVarsSecret "context" $) }}
{{- end }}
ports:
- name: olefy
containerPort: 11343
protocol: TCP
{{- if .Values.oletools.resources }}
resources: {{- toYaml .Values.oletools.resources | nindent 12 }}
{{- end }}
{{- if .Values.oletools.startupProbe.enabled }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.oletools.startupProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- 'echo PING|nc -q1 localhost 11343|grep PONG'
{{- end }}
{{- if .Values.oletools.livenessProbe.enabled }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.oletools.livenessProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- 'echo PING|nc -q1 localhost 11343|grep PONG'
{{- end }}
{{- if .Values.oletools.readinessProbe.enabled }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.oletools.readinessProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- 'echo PING|nc -q1 localhost 11343|grep PONG'
{{- end }}
{{- if .Values.oletools.extraContainers }}
{{- toYaml .Values.oletools.extraContainers | nindent 8 }}
{{- end }}
{{- if .Values.oletools.extraVolumes }}
volumes:
{{- include "common.tplvalues.render" (dict "value" .Values.oletools.extraVolumes "context" $) | nindent 8 }}
{{- end }}
{{- end }}

23
charts/mailu/templates/oletools/service.yaml Normal file
View File

@ -0,0 +1,23 @@
---
{{- if .Values.oletools.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu.oletools.serviceName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: oletools
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.oletools.service.annotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.oletools.service.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: oletools
ports:
- name: olefy
port: 11343
protocol: TCP
{{- end }}

19
charts/mailu/templates/postfix/configmap.yaml Normal file
View File

@ -0,0 +1,19 @@
{{- if .Values.postfix.overrides }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ printf "%s-postfix-override" (include "mailu.fullname" .) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: postfix
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- with .Values.postfix.overrides }}
data:
{{- .|toYaml|nindent 2 }}
{{ end }}
{{ end }}

156
charts/mailu/templates/postfix/deployment.yaml Normal file
View File

@ -0,0 +1,156 @@
---
apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
kind: Deployment
metadata:
name: {{ printf "%s-postfix" (include "mailu.fullname" .) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: postfix
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
replicas: 1
{{- if .Values.postfix.updateStrategy }}
strategy: {{- toYaml .Values.postfix.updateStrategy | nindent 4 }}
{{- end }}
revisionHistoryLimit: {{ .Values.postfix.revisionHistoryLimit }}
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: postfix
template:
metadata:
labels: {{- include "common.labels.standard" . | nindent 8 }}
app.kubernetes.io/component: postfix
{{- if .Values.postfix.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.postfix.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.postfix.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.postfix.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.postfix.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.postfix.hostAliases }}
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.postfix.hostAliases "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.postfix.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.postfix.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.postfix.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.postfix.affinity "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.postfix.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.postfix.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.postfix.priorityClassName }}
priorityClassName: {{ .Values.postfix.priorityClassName | quote }}
{{- end }}
{{- if .Values.postfix.schedulerName }}
schedulerName: {{ .Values.postfix.schedulerName | quote }}
{{- end }}
{{- if .Values.postfix.topologySpreadConstraints }}
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.postfix.topologySpreadConstraints "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.postfix.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.postfix.terminationGracePeriodSeconds }}
{{- end }}
{{- if .Values.postfix.initContainers }}
initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.postfix.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.postfix.podSecurityContext.enabled }}
securityContext: {{- omit .Values.postfix.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
containers:
- name: postfix
image: {{ .Values.imageRegistry }}/{{ .Values.postfix.image.repository }}:{{ default (include "mailu.version" .) .Values.postfix.image.tag }}
imagePullPolicy: {{ .Values.postfix.image.pullPolicy }}
{{- if .Values.postfix.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.postfix.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
volumeMounts:
- mountPath: /queue
name: data
subPath: mailqueue
{{- if .Values.postfix.overrides }}
- name: overrides
mountPath: /overrides
{{- end }}
{{- if .Values.postfix.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.postfix.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
env:
- name: LOG_LEVEL
value: {{ default .Values.logLevel .Values.postfix.logLevel }}
{{- tpl (include "mailu.envvars.secrets" .) $ | nindent 12 }}
{{- if .Values.postfix.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.postfix.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
envFrom:
- configMapRef:
name: {{ printf "%s-envvars" (include "mailu.fullname" .) }}
{{- if .Values.postfix.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.postfix.extraEnvVarsCM "context" $) }}
{{- end }}
{{- if .Values.postfix.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.postfix.extraEnvVarsSecret "context" $) }}
{{- end }}
ports:
- name: smtp
containerPort: 25
protocol: TCP
- name: smtp-ssl
containerPort: 465
protocol: TCP
- name: smtp-starttls
containerPort: 587
protocol: TCP
- name: smtp-auth
containerPort: 10025
protocol: TCP
{{- if .Values.postfix.resources }}
resources: {{- toYaml .Values.postfix.resources | nindent 12 }}
{{- end }}
{{- if .Values.postfix.startupProbe.enabled }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.postfix.startupProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- '! /usr/libexec/postfix/master -t'
{{- end }}
{{- if .Values.postfix.livenessProbe.enabled }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.postfix.livenessProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- '! /usr/libexec/postfix/master -t'
{{- end }}
{{- if .Values.postfix.readinessProbe.enabled }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.postfix.readinessProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- '! /usr/libexec/postfix/master -t'
{{- end }}
{{- if .Values.postfix.extraContainers }}
{{- toYaml .Values.postfix.extraContainers | nindent 8 }}
{{- end }}
volumes:
- name: data
persistentVolumeClaim:
claimName: {{ include "mailu.postfix.claimName" . }}
{{- if .Values.postfix.overrides }}
- name: overrides
configMap:
name: {{ printf "%s-postfix-override" (include "mailu.fullname" .) }}
{{- end }}
{{- if .Values.postfix.extraVolumes }}
{{- include "common.tplvalues.render" (dict "value" .Values.postfix.extraVolumes "context" $) | nindent 8 }}
{{- end }}

33
charts/mailu/templates/postfix/pvc.yaml Normal file
View File

@ -0,0 +1,33 @@
---
{{- if not .Values.persistence.single_pvc }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ include "mailu.postfix.claimName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: postfix
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if or .Values.postfix.persistence.annotations .Values.commonAnnotations }}
annotations:
{{- if .Values.postfix.persistence.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.postfix.persistence.annotations "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- end }}
spec:
accessModes:
{{- range .Values.postfix.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.postfix.persistence.size | quote }}
{{- if .Values.postfix.persistence.storageClass }}
storageClassName: {{ .Values.postfix.persistence.storageClass }}
{{- end }}
{{- end }}

30
charts/mailu/templates/postfix/service.yaml Normal file
View File

@ -0,0 +1,30 @@
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu.postfix.serviceName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: postfix
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.postfix.service.annotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.postfix.service.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: postfix
ports:
- name: smtp
port: 25
protocol: TCP
- name: smtp-ssl
port: 465
protocol: TCP
- name: smtp-starttls
port: 587
protocol: TCP
- name: smtp-auth
port: 10025
protocol: TCP

45
charts/mailu/templates/pv-hostpath.yaml Normal file
View File

@ -0,0 +1,45 @@
{{- if and (and .Values.persistence.single_pvc .Values.persistence.hostPath) (not .Values.persistence.existingClaim) -}}
---
kind: PersistentVolume
apiVersion: v1
metadata:
name: {{ printf "%s-storage" (include "mailu.fullname" . ) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if or .Values.persistence.annotations .Values.commonAnnotations }}
annotations:
{{- if .Values.persistence.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.persistence.annotations "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- end }}
spec:
capacity:
storage: {{ .Values.persistence.size }}
accessModes:
{{- range .Values.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
persistentVolumeReclaimPolicy: Retain
volumeMode: Filesystem
hostPath:
path: {{ .Values.persistence.hostPath }}
type: DirectoryOrCreate
{{ if .Values.nodeSelector }}
nodeAffinity:
required:
nodeSelectorTerms:
- matchExpressions:
{{- range $k, $v := .Values.nodeSelector }}
- key: "{{ $k }}"
operator: In
values:
- "{{ $v }}"
{{- end }}
{{ end }}
{{- end }}

35
charts/mailu/templates/pvc.yaml Normal file
View File

@ -0,0 +1,35 @@
{{- if and .Values.persistence.single_pvc (not .Values.persistence.existingClaim) -}}
---
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ printf "%s-storage" (include "mailu.fullname" . ) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if or .Values.persistence.annotations .Values.commonAnnotations }}
annotations:
{{- if .Values.persistence.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.persistence.annotations "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- end }}
spec:
accessModes:
{{- range .Values.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.persistence.size | quote }}
{{- if and (.Values.persistence.storageClass) (not .Values.persistence.hostPath) }}
storageClassName: {{ .Values.persistence.storageClass }}
{{- end }}
{{- if .Values.persistence.hostPath }}
volumeName: {{ printf "%s-storage" (include "mailu.fullname" . ) }}
{{- end }}
{{- end }}

19
charts/mailu/templates/rspamd/configmap.yaml Normal file
View File

@ -0,0 +1,19 @@
{{- if and .Values.rspamd.overrides .Values.rspamd.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ printf "%s-rspamd-override" (include "mailu.fullname" .) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: rspamd
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- with .Values.rspamd.overrides }}
data:
{{- .|toYaml|nindent 2 }}
{{ end }}
{{ end }}

150
charts/mailu/templates/rspamd/deployment.yaml Normal file
View File

@ -0,0 +1,150 @@
---
{{- if .Values.rspamd.enabled }}
apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
kind: Deployment
metadata:
name: {{ printf "%s-rspamd" (include "mailu.fullname" .) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: rspamd
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
replicas: 1
{{- if .Values.rspamd.updateStrategy }}
strategy: {{- toYaml .Values.rspamd.updateStrategy | nindent 4 }}
{{- end }}
revisionHistoryLimit: {{ .Values.rspamd.revisionHistoryLimit }}
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: rspamd
template:
metadata:
labels: {{- include "common.labels.standard" . | nindent 8 }}
app.kubernetes.io/component: rspamd
{{- if .Values.rspamd.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.rspamd.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.rspamd.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.rspamd.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.rspamd.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.rspamd.hostAliases }}
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.rspamd.hostAliases "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.rspamd.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.rspamd.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.rspamd.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.rspamd.affinity "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.rspamd.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.rspamd.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.rspamd.priorityClassName }}
priorityClassName: {{ .Values.rspamd.priorityClassName | quote }}
{{- end }}
{{- if .Values.rspamd.schedulerName }}
schedulerName: {{ .Values.rspamd.schedulerName | quote }}
{{- end }}
{{- if .Values.rspamd.topologySpreadConstraints }}
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.rspamd.topologySpreadConstraints "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.rspamd.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.rspamd.terminationGracePeriodSeconds }}
{{- end }}
{{- if .Values.rspamd.initContainers }}
initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.rspamd.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.rspamd.podSecurityContext.enabled }}
securityContext: {{- omit .Values.rspamd.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
hostname: rspamd # https://github.com/Mailu/helm-charts/issues/95
containers:
- name: rspamd
image: {{ .Values.imageRegistry }}/{{ .Values.rspamd.image.repository }}:{{ default (include "mailu.version" .) .Values.rspamd.image.tag }}
imagePullPolicy: {{ .Values.rspamd.image.pullPolicy }}
{{- if .Values.rspamd.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.rspamd.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
subPath: rspamd
mountPath: /var/lib/rspamd
- name: data
subPath: rspamd-local.d-maps.d
mountPath: /etc/rspamd/local.d/maps.d
{{- if .Values.rspamd.overrides }}
- name: overrides
mountPath: /overrides
{{- end }}
{{- if .Values.rspamd.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.rspamd.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
env:
- name: LOG_LEVEL
value: {{ default .Values.logLevel .Values.rspamd.logLevel }}
{{- tpl (include "mailu.envvars.secrets" .) $ | nindent 12 }}
{{- if .Values.rspamd.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.rspamd.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
envFrom:
- configMapRef:
name: {{ printf "%s-envvars" (include "mailu.fullname" .) }}
{{- if .Values.rspamd.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.rspamd.extraEnvVarsCM "context" $) }}
{{- end }}
{{- if .Values.rspamd.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.rspamd.extraEnvVarsSecret "context" $) }}
{{- end }}
ports:
- name: rspamd
containerPort: 11332
protocol: TCP
- name: rspamd-http
containerPort: 11334
protocol: TCP
{{- if .Values.rspamd.resources }}
resources: {{- toYaml .Values.rspamd.resources | nindent 12 }}
{{- end }}
{{- if .Values.rspamd.startupProbe.enabled }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.rspamd.startupProbe "enabled") "context" $) | nindent 12 }}
httpGet:
path: /
port: rspamd-http
{{- end }}
{{- if .Values.rspamd.livenessProbe.enabled }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.rspamd.livenessProbe "enabled") "context" $) | nindent 12 }}
httpGet:
path: /
port: rspamd-http
{{- end }}
{{- if .Values.rspamd.readinessProbe.enabled }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.rspamd.readinessProbe "enabled") "context" $) | nindent 12 }}
httpGet:
path: /
port: rspamd-http
{{- end }}
{{- if .Values.rspamd.extraContainers }}
{{- toYaml .Values.rspamd.extraContainers | nindent 8 }}
{{- end }}
volumes:
- name: data
persistentVolumeClaim:
claimName: {{ include "mailu.rspamd.claimName" . }}
{{- if .Values.rspamd.overrides }}
- name: overrides
configMap:
name: {{ printf "%s-rspamd-override" (include "mailu.fullname" .) }}
{{- end }}
{{- if .Values.rspamd.extraVolumes }}
{{- include "common.tplvalues.render" (dict "value" .Values.rspamd.extraVolumes "context" $) | nindent 8 }}
{{- end }}
{{ end }}

33
charts/mailu/templates/rspamd/pvc.yaml Normal file
View File

@ -0,0 +1,33 @@
---
{{- if and (not .Values.persistence.single_pvc) .Values.rspamd.enabled }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ include "mailu.rspamd.claimName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: rspamd
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if or .Values.rspamd.persistence.annotations .Values.commonAnnotations }}
annotations:
{{- if .Values.rspamd.persistence.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.rspamd.persistence.annotations "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- end }}
spec:
accessModes:
{{- range .Values.rspamd.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.rspamd.persistence.size | quote }}
{{- if .Values.rspamd.persistence.storageClass }}
storageClassName: {{ .Values.rspamd.persistence.storageClass }}
{{- end }}
{{- end }}

26
charts/mailu/templates/rspamd/service.yaml Normal file
View File

@ -0,0 +1,26 @@
---
{{- if .Values.rspamd.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu.rspamd.serviceName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: rspamd
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.rspamd.service.annotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.rspamd.service.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: rspamd
ports:
- name: rspamd
port: 11332
protocol: TCP
- name: rspamd-http
protocol: TCP
port: 11334
{{ end }}

17
charts/mailu/templates/secret-api.yaml Normal file
View File

@ -0,0 +1,17 @@
{{- if and (.Values.api.enabled) (not .Values.api.existingSecret) }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "mailu.api.secretName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" . ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" . ) | nindent 4 }}
{{- end }}
type: Opaque
data:
{{ include "mailu.api.secretKey" . -}}: {{ include "mailu.api.token" . }}
{{- end }}

20
charts/mailu/templates/secret-external-db.yaml Normal file
View File

@ -0,0 +1,20 @@
---
{{- if and .Values.externalDatabase.enabled (not .Values.externalDatabase.existingSecret) }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "mailu.database.external.secretName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" . ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" . ) | nindent 4 }}
{{- end }}
type: Opaque
data:
{{ .Values.externalDatabase.existingSecretDatabaseKey -}}: {{ (include "mailu.database.external.database" . ) | toString | b64enc | quote }}
{{ .Values.externalDatabase.existingSecretUsernameKey -}}: {{ (include "mailu.database.external.username" . ) | toString | b64enc | quote }}
{{ .Values.externalDatabase.existingSecretPasswordKey -}}: {{ (include "mailu.database.external.password" . ) | toString | b64enc | quote }}
{{- end }}

19
charts/mailu/templates/secret-external-relay.yaml Normal file
View File

@ -0,0 +1,19 @@
---
{{- if and .Values.externalRelay.host (not .Values.externalRelay.existingSecret) }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "mailu.externalRelay.secretName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" . ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" . ) | nindent 4 }}
{{- end }}
type: Opaque
data:
{{ .Values.externalRelay.usernameKey -}}: {{ (include "mailu.externalRelay.username" . ) }}
{{ .Values.externalRelay.passwordKey -}}: {{ (include "mailu.externalRelay.password" . ) }}
{{- end }}

17
charts/mailu/templates/secret-initial-account.yaml Normal file
View File

@ -0,0 +1,17 @@
{{- if and (.Values.initialAccount) (not .Values.initialAccount.existingSecret) }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "mailu.initialAccount.secretName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" . ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" . ) | nindent 4 }}
{{- end }}
type: Opaque
data:
{{ include "mailu.initialAccount.secretKey" . -}}: {{ include "mailu.initialAccount.password" . }}
{{- end }}

17
charts/mailu/templates/secret-key-secret.yaml Normal file
View File

@ -0,0 +1,17 @@
{{- if not .Values.existingSecret }}
apiVersion: v1
kind: Secret
metadata:
name: {{ template "mailu.fullname" . }}-secret
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" . ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" . ) | nindent 4 }}
{{- end }}
type: Opaque
data:
secret-key: {{ include "mailu.secretKey" . }}
{{- end }}

45
charts/mailu/templates/secrets-tls.yaml Normal file
View File

@ -0,0 +1,45 @@
{{- if .Values.ingress.enabled }}
{{- if .Values.ingress.secrets }}
{{- range .Values.ingress.secrets }}
apiVersion: v1
kind: Secret
metadata:
name: {{ .name }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" $ | nindent 4 }}
{{- if $.Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" $.Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if $.Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: kubernetes.io/tls
data:
tls.crt: {{ .certificate | b64enc }}
tls.key: {{ .key | b64enc }}
{{- end }}
{{- end }}
---
{{- if and .Values.ingress.tls .Values.ingress.selfSigned }}
{{- $ca := genCA "mailu-ca" 365 }}
{{- $cert := genSignedCert (.Values.hostnames | first) nil (.Values.hostnames) 365 $ca }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "mailu.certificatesSecretName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
type: kubernetes.io/tls
data:
tls.crt: {{ $cert.Cert | b64enc | quote }}
tls.key: {{ $cert.Key | b64enc | quote }}
ca.crt: {{ $ca.Cert | b64enc | quote }}
{{- end }}
{{- end }}

128
charts/mailu/templates/tika/deployment.yaml Normal file
View File

@ -0,0 +1,128 @@
---
{{- if .Values.tika.enabled }}
apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
kind: Deployment
metadata:
name: {{ printf "%s-tika" (include "mailu.fullname" .) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: tika
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
replicas: 1
{{- if .Values.tika.updateStrategy }}
strategy: {{- toYaml .Values.tika.updateStrategy | nindent 4 }}
{{- end }}
revisionHistoryLimit: {{ .Values.tika.revisionHistoryLimit }}
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: tika
template:
metadata:
labels: {{- include "common.labels.standard" . | nindent 8 }}
app.kubernetes.io/component: tika
{{- if .Values.tika.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.tika.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.tika.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.tika.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.tika.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.tika.hostAliases }}
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.tika.hostAliases "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.tika.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.tika.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.tika.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.tika.affinity "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.tika.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tika.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.tika.priorityClassName }}
priorityClassName: {{ .Values.tika.priorityClassName | quote }}
{{- end }}
{{- if .Values.tika.schedulerName }}
schedulerName: {{ .Values.tika.schedulerName | quote }}
{{- end }}
{{- if .Values.tika.topologySpreadConstraints }}
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.tika.topologySpreadConstraints "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.tika.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.tika.terminationGracePeriodSeconds }}
{{- end }}
{{- if .Values.tika.initContainers }}
initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.tika.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.tika.podSecurityContext.enabled }}
securityContext: {{- omit .Values.tika.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
containers:
- name: tika
image: {{ .Values.tika.image.registry }}/{{ .Values.tika.image.repository }}:{{ .Values.tika.image.tag }}
imagePullPolicy: {{ .Values.tika.image.pullPolicy }}
{{- if .Values.tika.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.tika.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
{{- if .Values.tika.extraVolumeMounts }}
volumeMounts:
{{- include "common.tplvalues.render" (dict "value" .Values.tika.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
env:
- name: LOG_LEVEL
value: {{ default .Values.logLevel .Values.tika.logLevel }}
{{- tpl (include "mailu.envvars.secrets" .) $ | nindent 12 }}
{{- if .Values.tika.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.tika.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
envFrom:
- configMapRef:
name: {{ printf "%s-envvars" (include "mailu.fullname" .) }}
{{- if .Values.tika.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.tika.extraEnvVarsCM "context" $) }}
{{- end }}
{{- if .Values.tika.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.tika.extraEnvVarsSecret "context" $) }}
{{- end }}
ports:
- name: http
containerPort: 9998
protocol: TCP
{{- if .Values.tika.resources }}
resources: {{- toYaml .Values.tika.resources | nindent 12 }}
{{- end }}
{{- if .Values.tika.startupProbe.enabled }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.tika.startupProbe "enabled") "context" $) | nindent 12 }}
httpGet:
path: /tika
port: http
{{- end }}
{{- if .Values.tika.livenessProbe.enabled }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.tika.livenessProbe "enabled") "context" $) | nindent 12 }}
httpGet:
path: /tika
port: http
{{- end }}
{{- if .Values.tika.readinessProbe.enabled }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.tika.readinessProbe "enabled") "context" $) | nindent 12 }}
httpGet:
path: /tika
port: http
{{- end }}
{{- if .Values.tika.extraContainers }}
{{- toYaml .Values.tika.extraContainers | nindent 8 }}
{{- end }}
{{- if .Values.tika.extraVolumes }}
volumes:
{{- include "common.tplvalues.render" (dict "value" .Values.tika.extraVolumes "context" $) | nindent 8 }}
{{- end }}
{{- end }}

23
charts/mailu/templates/tika/service.yaml Normal file
View File

@ -0,0 +1,23 @@
---
{{- if .Values.tika.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu.tika.serviceName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: tika
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.tika.service.annotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.tika.service.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: tika
ports:
- name: http
port: 9998
protocol: TCP
{{- end }}

140
charts/mailu/templates/webdav/deployment.yaml Normal file
View File

@ -0,0 +1,140 @@
---
{{- if .Values.webdav.enabled }}
apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
kind: Deployment
metadata:
name: {{ printf "%s-webdav" (include "mailu.fullname" .) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: webdav
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
replicas: 1
{{- if .Values.webdav.updateStrategy }}
strategy: {{- toYaml .Values.webdav.updateStrategy | nindent 4 }}
{{- end }}
revisionHistoryLimit: {{ .Values.webdav.revisionHistoryLimit }}
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: webdav
template:
metadata:
labels: {{- include "common.labels.standard" . | nindent 8 }}
app.kubernetes.io/component: webdav
{{- if .Values.webdav.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.webdav.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.webdav.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.webdav.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.webdav.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.webdav.hostAliases }}
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.webdav.hostAliases "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.webdav.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.webdav.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.webdav.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.webdav.affinity "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.webdav.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.webdav.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.webdav.priorityClassName }}
priorityClassName: {{ .Values.webdav.priorityClassName | quote }}
{{- end }}
{{- if .Values.webdav.schedulerName }}
schedulerName: {{ .Values.webdav.schedulerName | quote }}
{{- end }}
{{- if .Values.webdav.topologySpreadConstraints }}
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.webdav.topologySpreadConstraints "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.webdav.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.webdav.terminationGracePeriodSeconds }}
{{- end }}
{{- if .Values.webdav.initContainers }}
initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.webdav.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.webdav.podSecurityContext.enabled }}
securityContext: {{- omit .Values.webdav.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
containers:
- name: webdav
image: {{ .Values.imageRegistry }}/{{ .Values.webdav.image.repository }}:{{ default (include "mailu.version" .) .Values.webdav.image.tag }}
imagePullPolicy: {{ .Values.webdav.image.pullPolicy }}
{{- if .Values.webdav.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.webdav.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
volumeMounts:
- name: data
subPath: webdav
mountPath: /data
{{- if .Values.webdav.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.webdav.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
env:
- name: LOG_LEVEL
value: {{ default .Values.logLevel .Values.webdav.logLevel }}
{{- tpl (include "mailu.envvars.secrets" .) $ | nindent 12 }}
{{- if .Values.webdav.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.webdav.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
envFrom:
- configMapRef:
name: {{ printf "%s-envvars" (include "mailu.fullname" .) }}
{{- if .Values.webdav.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.webdav.extraEnvVarsCM "context" $) }}
{{- end }}
{{- if .Values.webdav.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.webdav.extraEnvVarsSecret "context" $) }}
{{- end }}
ports:
- name: http
containerPort: 5232
protocol: TCP
{{- if .Values.webdav.resources }}
resources: {{- toYaml .Values.webdav.resources | nindent 12 }}
{{- end }}
{{- if .Values.webdav.startupProbe.enabled }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.webdav.startupProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- 'ps ax | grep [/]radicale.conf'
{{- end }}
{{- if .Values.webdav.livenessProbe.enabled }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.webdav.livenessProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- 'ps ax | grep [/]radicale.conf'
{{- end }}
{{- if .Values.webdav.readinessProbe.enabled }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.webdav.readinessProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- sh
- -c
- 'ps ax | grep [/]radicale.conf'
{{- end }}
{{- if .Values.webdav.extraContainers }}
{{- toYaml .Values.webdav.extraContainers | nindent 8 }}
{{- end }}
volumes:
- name: data
persistentVolumeClaim:
claimName: {{ include "mailu.webdav.claimName" . }}
{{- if .Values.webdav.extraVolumes }}
{{- include "common.tplvalues.render" (dict "value" .Values.webdav.extraVolumes "context" $) | nindent 8 }}
{{- end }}
{{- end }}

33
charts/mailu/templates/webdav/pvc.yaml Normal file
View File

@ -0,0 +1,33 @@
---
{{- if and (.Values.webdav.enabled) (not .Values.persistence.single_pvc) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ include "mailu.webdav.claimName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: webdav
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if or .Values.webdav.persistence.annotations .Values.commonAnnotations }}
annotations:
{{- if .Values.webdav.persistence.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.webdav.persistence.annotations "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- end }}
spec:
accessModes:
{{- range .Values.webdav.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.webdav.persistence.size | quote }}
{{- if .Values.webdav.persistence.storageClass }}
storageClassName: {{ .Values.webdav.persistence.storageClass }}
{{- end }}
{{- end }}

23
charts/mailu/templates/webdav/service.yaml Normal file
View File

@ -0,0 +1,23 @@
---
{{- if .Values.webdav.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu.webdav.serviceName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: webdav
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.webdav.service.annotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.webdav.service.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: webdav
ports:
- name: http
port: 5232
protocol: TCP
{{- end }}

149
charts/mailu/templates/webmail/deployment.yaml Normal file
View File

@ -0,0 +1,149 @@
---
{{- if .Values.webmail.enabled }}
apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }}
kind: Deployment
metadata:
name: {{ printf "%s-webmail" (include "mailu.fullname" .) }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: webmail
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
spec:
replicas: 1
{{- if .Values.webmail.updateStrategy }}
strategy: {{- toYaml .Values.webmail.updateStrategy | nindent 4 }}
{{- end }}
revisionHistoryLimit: {{ .Values.webmail.revisionHistoryLimit }}
selector:
matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }}
app.kubernetes.io/component: webmail
template:
metadata:
labels: {{- include "common.labels.standard" . | nindent 8 }}
app.kubernetes.io/component: webmail
{{- if .Values.webmail.podLabels }}
{{- include "common.tplvalues.render" (dict "value" .Values.webmail.podLabels "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.webmail.podAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.webmail.podAnnotations "context" $) | nindent 8 }}
{{- end }}
spec:
{{- include "common.images.pullSecrets" (dict "images" (list .Values.webmail.image) "global" .Values.global) | nindent 6 }}
{{- if .Values.webmail.hostAliases }}
hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.webmail.hostAliases "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.webmail.nodeSelector }}
nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.webmail.nodeSelector "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.webmail.affinity }}
affinity: {{- include "common.tplvalues.render" (dict "value" .Values.webmail.affinity "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.webmail.tolerations }}
tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.webmail.tolerations "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.webmail.priorityClassName }}
priorityClassName: {{ .Values.webmail.priorityClassName | quote }}
{{- end }}
{{- if .Values.webmail.schedulerName }}
schedulerName: {{ .Values.webmail.schedulerName | quote }}
{{- end }}
{{- if .Values.webmail.topologySpreadConstraints }}
topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.webmail.topologySpreadConstraints "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.webmail.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.webmail.terminationGracePeriodSeconds }}
{{- end }}
{{- if .Values.webmail.initContainers }}
initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.webmail.initContainers "context" $) | nindent 8 }}
{{- end }}
{{- if .Values.webmail.podSecurityContext.enabled }}
securityContext: {{- omit .Values.webmail.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
containers:
- name: webmail
image: {{ .Values.imageRegistry }}/{{ .Values.webmail.image.repository }}:{{ default (include "mailu.version" .) .Values.webmail.image.tag }}
imagePullPolicy: {{ .Values.webmail.image.pullPolicy }}
{{- if .Values.webmail.containerSecurityContext.enabled }}
securityContext: {{- omit .Values.webmail.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
volumeMounts:
- mountPath: /data
name: data
subPath: webmail
{{- if .Values.webmail.extraVolumeMounts }}
{{- include "common.tplvalues.render" (dict "value" .Values.webmail.extraVolumeMounts "context" $) | nindent 12 }}
{{- end }}
env:
- name: LOG_LEVEL
value: {{ default .Values.logLevel .Values.webmail.logLevel }}
{{- tpl (include "mailu.envvars.secrets" .) $ | nindent 12 }}
{{- if .Values.webmail.extraEnvVars }}
{{- include "common.tplvalues.render" (dict "value" .Values.webmail.extraEnvVars "context" $) | nindent 12 }}
{{- end }}
envFrom:
- configMapRef:
name: {{ printf "%s-envvars" (include "mailu.fullname" .) }}
{{- if .Values.webmail.extraEnvVarsCM }}
- configMapRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.webmail.extraEnvVarsCM "context" $) }}
{{- end }}
{{- if .Values.webmail.extraEnvVarsSecret }}
- secretRef:
name: {{ include "common.tplvalues.render" (dict "value" .Values.webmail.extraEnvVarsSecret "context" $) }}
{{- end }}
ports:
- name: http
containerPort: 80
protocol: TCP
{{- if .Values.webmail.resources }}
resources: {{- toYaml .Values.webmail.resources | nindent 12 }}
{{- end }}
{{- if .Values.webmail.startupProbe.enabled }}
startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.webmail.startupProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- curl
- -f
- -L
- -H
- 'User-Agent: health'
- "http://localhost/ping"
{{- end }}
{{- if .Values.webmail.livenessProbe.enabled }}
livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.webmail.livenessProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- curl
- -f
- -L
- -H
- 'User-Agent: health'
- "http://localhost/ping"
{{- end }}
{{- if .Values.webmail.readinessProbe.enabled }}
readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.webmail.readinessProbe "enabled") "context" $) | nindent 12 }}
exec:
command:
- curl
- -f
- -L
- -H
- 'User-Agent: health'
- "http://localhost/ping"
{{- end }}
{{- if .Values.webmail.extraContainers }}
{{- toYaml .Values.webmail.extraContainers | nindent 8 }}
{{- end }}
volumes:
- name: data
persistentVolumeClaim:
claimName: {{ include "mailu.webmail.claimName" . }}
{{- if .Values.webmail.extraVolumes }}
{{- include "common.tplvalues.render" (dict "value" .Values.webmail.extraVolumes "context" $) | nindent 8 }}
{{- end }}
{{- end }}

33
charts/mailu/templates/webmail/pvc.yaml Normal file
View File

@ -0,0 +1,33 @@
---
{{- if and (.Values.webmail.enabled) (not .Values.persistence.single_pvc) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ include "mailu.webmail.claimName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: webmail
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if or .Values.webmail.persistence.annotations .Values.commonAnnotations }}
annotations:
{{- if .Values.webmail.persistence.annotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.webmail.persistence.annotations "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.commonAnnotations }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
{{- end }}
spec:
accessModes:
{{- range .Values.webmail.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.webmail.persistence.size | quote }}
{{- if .Values.webmail.persistence.storageClass }}
storageClassName: {{ .Values.webmail.persistence.storageClass }}
{{- end }}
{{- end }}

19
charts/mailu/templates/webmail/secret.yaml Normal file
View File

@ -0,0 +1,19 @@
---
{{- if and (not .Values.global.database.roundcube.existingSecret) .Values.webmail.enabled }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "mailu.database.roundcube.secretName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: webmail
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.webmail.service.annotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.webmail.service.annotations "context" $) | nindent 4 }}
{{- end }}
type: Opaque
data:
{{ include "mailu.database.roundcube.secretKey" . -}}: {{ (include "mailu.database.roundcube.password" . ) }}
{{- end }}

23
charts/mailu/templates/webmail/service.yaml Normal file
View File

@ -0,0 +1,23 @@
---
{{- if .Values.webmail.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "mailu.webmail.serviceName" . }}
namespace: {{ include "common.names.namespace" . | quote }}
labels: {{- include "common.labels.standard" . | nindent 4 }}
app.kubernetes.io/component: webmail
{{- if .Values.commonLabels }}
{{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
{{- end }}
{{- if .Values.webmail.service.annotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.webmail.service.annotations "context" $) | nindent 4 }}
{{- end }}
spec:
selector: {{- include "common.labels.matchLabels" . | nindent 4 }}
app.kubernetes.io/component: webmail
ports:
- name: http
port: 80
protocol: TCP
{{- end }}

3014
charts/mailu/values.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

36
manifests/values.yaml Normal file
View File

@ -0,0 +1,36 @@
domain: dvirlabs.com
hostnames:
- mail.dvirlabs.com
ingress:
enabled: true
className: traefik
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: letsencrypt
tls:
certresolver: letsencrypt
persistence:
enabled: true
storageClass: nfs-client
size: 10Gi
admin:
username: admin
initialPassword: "changeme123"
tls:
certmanager:
enabled: true
secretName: mailu-certificates # Optional but keeps name predictable
service:
front:
type: ClusterIP
smtp:
type: ClusterIP
dkim:
enabled: true