badhouseplants/k8s-deployment
4
0
Fork 0
Code Issues 3 Pull Requests 13 Actions Packages Projects Releases Activity
c3fd525760
k8s-deployment/values/badhouseplants/values.mailu.yaml

200 lines
4.4 KiB
YAML
Raw Blame History

# ------------------------------------------
# -- Database extension is used to manage
# -- database with db-operator
# ------------------------------------------
ext-database:
enabled: true
name: mailu-postgres16
instance: postgres16
extraDatabase:
enabled: true
name: roundcube-postgres16
instance: postgres16
# ------------------------------------------
# -- Istio extenstion. Just because I'm
# -- not using ingress nginx
# ------------------------------------------
traefik:
enabled: true
tcpRoutes:
- name: mailu-smtp
service: mailu-front
match: HostSNI(`*`)
entrypoint: smtp
port: 25
- name: mailu-smtps
match: HostSNI(`*`)
service: mailu-front
entrypoint: smtps
port: 465
- name: mailu-smpt-startls
match: HostSNI(`*`)
service: mailu-front
entrypoint: smtp-startls
port: 587
- name: mailu-imap
match: HostSNI(`*`)
service: mailu-front
entrypoint: imap
port: 143
- name: mailu-imaps
match: HostSNI(`*`)
service: mailu-front
entrypoint: imaps
port: 993
- name: mailu-pop3
match: HostSNI(`*`)
service: mailu-front
entrypoint: pop3
port: 110
- name: mailu-pop3s
match: HostSNI(`*`)
service: mailu-front
entrypoint: pop3s
port: 993
subnet: 192.168.0.0/16
sessionCookieSecure: true
hostnames:
- email.badhouseplants.net
extraTls:
- hosts:
- badhouseplants.net
secretName: mailu-root-domain
domain: badhouseplants.net
persistence:
single_pvc: false
limits:
messageRatelimit:
value: "100/day"
tls:
outboundLevel: secure
ingress:
enabled: true
ingressClassName: traefik
tls: true
annotations:
kubernetes.io/tls-acme: "true"
kubernetes.io/ingress.allow-http: "false"
kubernetes.io/ingress.global-static-ip-name: ""
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
tlsFlavorOverride: mail
# realIpFrom: traefik.kube-system.svc.cluster.local
# realIpHeader: "X-Real-IP"
front:
hostPort:
enabled: false
extraEnvVars:
- name: PROXY_PROTOCOL
value: "mail"
- name: REAL_IP_FROM
value: "192.168.0.0/16,10.43.0.0/16"
- name: AUTH_RATELIMIT_IP
value: 100/hour
- name: AUTH_RATELIMIT_USER
value: 50/day
admin:
resources:
requests:
memory: 100Mi
cpu: 70m
limits:
memory: 700Mi
cpu: 600m
startupProbe:
enabled: true
failureThreshold: 10
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
persistence:
size: 256Mi
redis:
resources:
requests:
memory: 100Mi
cpu: 70m
limits:
memory: 200Mi
cpu: 200m
master:
persistence:
enabled: false
postfix:
resources:
requests:
memory: 1024Mi
cpu: 200m
limits:
memory: 1024Mi
cpu: 200m
persistence:
size: 1Gi
dovecot:
logLevel: DEBUG
resources:
requests:
memory: 100Mi
cpu: 70m
limits:
memory: 400Mi
cpu: 300m
persistence:
size: 512Gi
roundcube:
resources:
requests:
memory: 100Mi
cpu: 70m
limits:
memory: 200Mi
cpu: 200m
persistence:
size: 512Mi
mysql:
enabled: false
postgresql:
enabled: false
## If using the built-in MariaDB or PostgreSQL, the `roundcube` database will be created automatically.
externalDatabase:
## @param externalDatabase.enabled Set to true to use an external database
enabled: true
type: postgresql
existingSecret: mailu-postgres16-creds
existingSecretDatabaseKey: POSTGRES_DB
existingSecretUsernameKey: POSTGRES_USER
existingSecretPasswordKey: POSTGRES_PASSWORD
host: postgres16-postgresql.databases.svc.cluster.local
port: 5432
rspamd:
resources:
requests:
memory: 100Mi
cpu: 100m
limits:
memory: 500Mi
cpu: 400m
startupProbe:
periodSeconds: 30
failureThreshold: 900
timeoutSeconds: 20
livenessProbe: {}
readinessProbe: {}
webmail:
persistence:
size: 512Mi
storageClass: ""
accessModes: [ReadWriteOnce]
claimNameOverride: ""
annotations: {}
global:
database:
roundcube:
database: applications-roundcube-postgres16
username: applications-roundcube-postgres16
existingSecret: roundcube-postgres16-creds
existingSecretPasswordKey: POSTGRES_PASSWORD
Reference in New Issue View Git Blame Copy Permalink