Install email server

2023-10-14 16:24:13 +02:00
parent 54a7dad780
commit 212930ec1a
15 changed files with 170 additions and 20 deletions
--- a/badhouseplants/helmfile.yaml
+++ b/badhouseplants/helmfile.yaml
@@ -87,6 +87,10 @@ releases:
    namespace: database-service
    createNamespace: true

+  - <<: *docker-mailserver
+    installed: true
+    namespace: mail-service
+    createNamespace: true

 bases:
  - ../environments.yaml
--- a/badhouseplants/values/values.argocd.yaml
+++ b/badhouseplants/values/values.argocd.yaml
@@ -7,7 +7,7 @@ istio:
  enabled: true
  istio:
    - name: argocd-http
-      gateway: badhouseplants-net
+      gateway: istio-system/badhouseplants-net
      kind: http
      hostname: argo.badhouseplants.net
      service: argocd-server
--- a/badhouseplants/values/values.bitwarden.yaml
+++ b/badhouseplants/values/values.bitwarden.yaml
@@ -7,7 +7,7 @@ istio:
  enabled: true
  istio:
    - name: bitwarden-http
-      gateway: badhouseplants-net
+      gateway: istio-system/badhouseplants-net
      kind: http
      hostname: bitwarden.badhouseplants.net
      service: bitwarden-vaultwarden
--- a/badhouseplants/values/values.docker-mailserver.yaml
+++ b/badhouseplants/values/values.docker-mailserver.yaml
@@ -0,0 +1,119 @@
+istio_gateway:
+  enabled: true
+  gateways:
+    - name: badhouseplants-email
+      servers:
+        - hosts:
+            - "*"
+          port:
+            name: smtp
+            number: 25
+            protocol: TCP
+        - hosts:
+            - "*"
+          port:
+            name: pop3
+            number: 110
+            protocol: TCP
+        - hosts:
+            - "*"
+          port:
+            name: imap
+            number: 143
+            protocol: TCP
+        - hosts:
+            - "*"
+          port:
+            name: smtps
+            number: 465
+            protocol: TCP
+        - hosts:
+            - "*"
+          port:
+            name: submission
+            number: 587
+            protocol: TCP
+        - hosts:
+            - "*"
+          port:
+            name: imaps
+            number: 993
+            protocol: TCP
+        - hosts:
+            - "*"
+          port:
+            name: pop3s
+            number: 995
+            protocol: TCP
+istio:
+  enabled: true
+  istio:
+    - name: docker-mailserver-smpt
+      kind: tcp
+      gateway: badhouseplants-email
+      service: docker-mailserver
+      hostname: badhousplants.net
+      port_match: 25
+      port: 25
+    - name: docker-mailserver-smpts
+      kind: tcp
+      gateway: badhouseplants-email
+      port_match: 465
+      hostname: badhousplants.net
+      service: docker-mailserver
+      port: 465
+    - name: docker-mailserver-smpt-startls
+      kind: tcp
+      gateway: badhouseplants-email
+      hostname: badhousplants.net
+      port_match: 587
+      service: docker-mailserver
+      port: 587
+    - name: docker-mailserver-imap
+      kind: tcp
+      hostname: badhousplants.net
+      gateway: badhouseplants-email
+      port_match: 143
+      service: docker-mailserver
+      port: 143
+    - name: docker-mailserver-imaps
+      kind: tcp
+      gateway: badhouseplants-email
+      hostname: badhousplants.net
+      port_match: 993
+      service: docker-mailserver
+      port: 993
+    - name: docker-mailserver-pop3
+      kind: tcp
+      gateway: badhouseplants-email
+      port_match: 110
+      hostname: badhousplants.net
+      service: docker-mailserver
+      port: 110
+    - name: docker-mailserver-pop3s
+      kind: tcp
+      gateway: badhouseplants-email
+      port_match: 993
+      hostname: badhousplants.net
+      service: docker-mailserver
+      port: 993
+
+demoMode:
+  enabled: false
+domains:
+  - badhouseplants.net
+  - "*.badhouseplants.net"
+ssl:
+  issuer:
+    name: badhouseplants-issuer
+    kind: ClusterIssuer
+  dnsname: badhouseplants.net
+  dns01provider: cloudflare
+  useExisting: false
+pod:
+  dockermailserver:
+    enable_fail2ban: "0"
+    ssl_type: manual
+service:
+  type: ClusterIP
+spfTestsDisabled: true
--- a/badhouseplants/values/values.drone.yaml
+++ b/badhouseplants/values/values.drone.yaml
@@ -6,7 +6,7 @@ istio:
  enabled: true
  istio:
    - name: drone-http
-      gateway: badhouseplants-net
+      gateway: istio-system/badhouseplants-net
      kind: http
      hostname: drone.badhouseplants.net
      service: drone
--- a/badhouseplants/values/values.funkwhale.yaml
+++ b/badhouseplants/values/values.funkwhale.yaml
@@ -7,7 +7,7 @@ istio:
  enabled: true
  istio:
    - name: funkwhale-http
-      gateway: badhouseplants-net
+      gateway: istio-system/badhouseplants-net
      kind: http
      hostname: funkwhale.badhouseplants.net
      service: funkwhale
--- a/badhouseplants/values/values.gitea.yaml
+++ b/badhouseplants/values/values.gitea.yaml
@@ -8,13 +8,13 @@ istio:
  istio:
    - name: gitea-http
      kind: http
-      gateway: badhouseplants-net
+      gateway: istio-system/badhouseplants-net
      hostname: git.badhouseplants.net
      service: gitea-http
      port: 3000
    - name: gitea-ssh
      kind: tcp
-      gateway: badhouseplants-ssh
+      gateway: istio-system/badhouseplants-ssh
      hostname: "*"
      port_match: 22
      service: gitea-ssh
--- a/badhouseplants/values/values.minecraft.yaml
+++ b/badhouseplants/values/values.minecraft.yaml
@@ -18,7 +18,7 @@ istio:
  enabled: true
  istio:
    - name: minecraft-tcp
-      gateway: badhouseplants-minecraft
+      gateway: istio-system/badhouseplants-minecraft
      kind: tcp
      port_match: 25565
      hostname: "*"
--- a/badhouseplants/values/values.minio.yaml
+++ b/badhouseplants/values/values.minio.yaml
@@ -7,13 +7,13 @@ istio:
  enabled: true
  istio:
    - name: minio-http
-      gateway: badhouseplants-net
+      gateway: istio-system/badhouseplants-net
      kind: http
      hostname: minio.badhouseplants.net
      service: minio-console
      port: 9001
    - name: s3-http
-      gateway: badhouseplants-net
+      gateway: istio-system/badhouseplants-net
      kind: http
      hostname: s3.badhouseplants.net
      service: minio
--- a/badhouseplants/values/values.nrodionov.yaml
+++ b/badhouseplants/values/values.nrodionov.yaml
@@ -7,7 +7,7 @@ istio:
  enabled: true
  istio:
    - name: nrodionov-http
-      gateway: nrodionov-info
+      gateway: istio-system/nrodionov-info
      kind: http
      hostname: dev.nrodionov.info
      service: nrodionov-wordpress
--- a/badhouseplants/values/values.openvpn.yaml
+++ b/badhouseplants/values/values.openvpn.yaml
@@ -7,19 +7,12 @@ istio:
  enabled: true
  istio:
    - name: openvpn-tcp
-      gateway: badhouseplants-vpn
+      gateway: istio-system/badhouseplants-vpn
      kind: tcp
      port_match: 1194
      hostname: "*"
      service: openvpn
      port: 1194
-    - name: openvpn-tcp-fake-port
-      gateway: badhouseplants-vpn
-      kind: tcp
-      port_match: 25
-      hostname: "*"
-      service: openvpn
-      port: 1194
 # ------------------------------------------
 image:
  tag: v2.6.5-xor-4.0.0beta08
--- a/badhouseplants/values/values.prometheus.yaml
+++ b/badhouseplants/values/values.prometheus.yaml
@@ -7,7 +7,7 @@ istio:
  enabled: true
  istio:
    - name: grafana-https
-      gateway: badhouseplants-net
+      gateway: istio-system/badhouseplants-net
      kind: http
      hostname: "grafana.badhouseplants.net"
      service: prometheus-grafana
--- a/common/values.istio-gateway.yaml
+++ b/common/values.istio-gateway.yaml
@@ -0,0 +1,16 @@
+---
+istio_gateway:
+  templates:
+    - |
+        {{ range .Values.gateways }}
+        ---
+        apiVersion: networking.istio.io/v1beta1
+        kind: Gateway
+        metadata:
+          name: {{ .name }}
+        spec:
+          selector: 
+            istio: ingressgateway
+          servers:
+        {{ toYaml .servers | indent 4 }}
+        {{ end }}
--- a/common/values.istio.yaml
+++ b/common/values.istio.yaml
@@ -10,7 +10,7 @@ istio:
          name: {{ .name }}
        spec:
          gateways:
-          - "istio-system/{{ .gateway }}"
+          - "{{ .gateway }}"
          hosts:
          -  {{ .hostname | quote }}
          {{- if eq  .kind "http" }}
--- a/releases.yaml
+++ b/releases.yaml
@@ -41,6 +41,14 @@ templates:
  # ----------------------------
  # -- Extensions
  # ----------------------------
+  ext-istio-gateway:
+    dependencies:
+      - chart: bedag/raw
+        version: 2.0.0
+        alias: istio_gateway
+    values:
+      - '{{ requiredEnv "PWD" }}/common/values.istio-gateway.yaml'
+
  ext-istio-resource:
    dependencies:
      - chart: bedag/raw
@@ -316,3 +324,13 @@ templates:
    inherit:
      - template: default-env-values
      - template: default-env-secrets
+
+  docker-mailserver: &docker-mailserver
+    name: docker-mailserver
+    chart: allanger-gitea/docker-mailserver
+    version: 2.1.3
+    inherit:
+      - template: default-env-values
+      - template: ext-istio-gateway
+      - template: ext-istio-resource
+