badhouseplants/k8s-deployment
4
0
Fork 0
Code Issues 3 Pull Requests 13 Actions Packages Projects Releases Activity
c3fd525760
k8s-deployment/values/badhouseplants/values.stalwart.yaml

191 lines
4.4 KiB
YAML
Raw Blame History

shortcuts:
hostname: stalwart.badhouseplants.net
workload:
initContainers:
prepare-config:
image:
registry: registry.hub.docker.com
repository: stalwartlabs/mail-server
tag:
pullPolicy: Always
mounts:
files:
config:
path: /app/config/config.toml
subPath: config.toml
extraVolumes:
etc:
path: /app/etc
command:
- sh
args:
- -c
- cp /app/config/config.toml /app/etc/config.toml
containers:
stalwart:
args:
- --config
- /app/etc/config.toml
mounts:
storage:
data:
path: /app/data
extraVolumes:
certs:
path: /app/certs
logs:
path: /app/logs
etc:
path: /app/etc
envFrom:
- secrets
storage:
data:
enabled: true
storageClassName: openebs-hostpath
size: 1Gi
accessModes:
- ReadWriteMany
extraVolumes:
certs:
secret:
secretName: stalwart.badhouseplants.net
etc:
emptyDir: {}
logs:
emptyDir: {}
ingress:
main:
annotations:
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
kubernetes.io/ingress.allow-http: "false"
kubernetes.io/ingress.class: traefik
kubernetes.io/ingress.global-static-ip-name: ""
kubernetes.io/tls-acme: "true"
traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
traefik:
enabled: true
tcpRoutes:
- name: stalwart-smtp
service: stalwart-smtp
match: HostSNI(`*`)
entrypoint: smtp
port: 25
- name: stalwart-smpt-startls
match: HostSNI(`*`)
service: stalwart-submission
entrypoint: smtp-startls
port: 587
- name: stalwart-imap
match: HostSNI(`*`)
service: stalwart-imap
entrypoint: imap
port: 143
- name: stalwart-imaps
match: HostSNI(`*`)
service: stalwart-imaptls
entrypoint: imaps
port: 993
- name: stalwart-pop3
match: HostSNI(`*`)
service: stalwart-pop3
entrypoint: pop3
port: 110
- name: stalwart-pop3s
match: HostSNI(`*`)
service: stalwart-pop3s
entrypoint: pop3s
port: 995
files:
config:
enabled: true
sensitive: true
remove: []
entries:
# Ref: https://github.com/stalwartlabs/mail-server/blob/main/resources/config/config.toml
config.toml:
data: |
[server.listener."smtp"]
bind = ["[::]:25"]
protocol = "smtp"
[server.listener."submission"]
bind = ["[::]:587"]
protocol = "smtp"
[server.listener."submissions"]
bind = ["[::]:465"]
protocol = "smtp"
tls.implicit = true
[server.listener."imap"]
bind = ["[::]:143"]
protocol = "imap"
[server.listener."imaptls"]
bind = ["[::]:993"]
protocol = "imap"
tls.implicit = true
[server.listener.pop3]
bind = "[::]:110"
protocol = "pop3"
[server.listener.pop3s]
bind = "[::]:995"
protocol = "pop3"
tls.implicit = true
[server.listener."sieve"]
bind = ["[::]:4190"]
protocol = "managesieve"
[server.listener."https"]
protocol = "https"
bind = ["[::]:443"]
tls.implicit = false
[server.listener."http"]
bind = "[::]:8080"
protocol = "http"
[storage]
data = "rocksdb"
fts = "rocksdb"
blob = "rocksdb"
lookup = "rocksdb"
directory = "internal"
[store."rocksdb"]
type = "rocksdb"
path = "/app/data"
compression = "lz4"
[directory."internal"]
type = "internal"
store = "rocksdb"
[tracer."stdout"]
type = "stdout"
level = "info"
ansi = false
enable = true
[authentication.fallback-admin]
user = "overlord"
secret = "%{env:SW_ADMIN_SECRET}%"
[tracer.console]
type = "console"
level = "info"
ansi = true
enable = true
[certificate."default"]
cert = "%{file:/app/certs/tls.crt}%"
private-key = "%{file:/app/certs/tls.key}%"
env:
secrets:
enabled: true
sensitive: true
Reference in New Issue View Git Blame Copy Permalink