Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / f9f0beec8492e05a459bd7080ad095b4cf9292bc / . / charts / maddy / templates / mta-sts.yaml
blob: c44e3dd29f1b0acd24359aae6e9e1f22a6442c2e [file] [log] [blame]
---
apiVersion: v1
kind: ConfigMap
metadata:
name: mta-sts
namespace: {{ .Release.Namespace }}
data:
mta-sts.txt: |
version: STSv1
mode: enforce
max_age: 604800
mx: {{ .Values.mailGateway.mxHostname }}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: mta-sts.{{ .Values.ingress.public.domain }}
namespace: {{ .Release.Namespace }}
annotations:
helm.sh/resource-policy: keep
spec:
dnsNames:
- 'mta-sts.{{ .Values.ingress.public.domain }}'
issuerRef:
name: {{ .Values.ingress.public.certificateIssuer }}
kind: ClusterIssuer
secretName: cert-mta-sts.{{ .Values.ingress.public.domain }}
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: mta-sts
namespace: {{ .Release.Namespace }}
spec:
ingressClassName: {{ .Values.ingress.public.className }}
tls:
- hosts:
- mta-sts.{{ .Values.ingress.public.domain }}
secretName: cert-mta-sts.{{ .Values.ingress.public.domain }}
rules:
- host: mta-sts.{{ .Values.ingress.public.domain }}
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: mta-sts
port:
name: http
---
apiVersion: v1
kind: Service
metadata:
name: mta-sts
namespace: {{ .Release.Namespace }}
spec:
type: ClusterIP
selector:
app: mta-sts
ports:
- name: http
port: 80
targetPort: http
protocol: TCP
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: mta-sts
namespace: {{ .Release.Namespace }}
spec:
selector:
matchLabels:
app: mta-sts
replicas: 1
template:
metadata:
labels:
app: mta-sts
spec:
volumes:
- name: mta-sts
configMap:
name: mta-sts
containers:
- name: maddy
image: giolekva/static-file-server:latest
imagePullPolicy: Always
ports:
- name: http
containerPort: 80
protocol: TCP
command:
- static-file-server
- --port=80
- --dir=/etc/static-file-server/data
volumeMounts:
- name: mta-sts
mountPath: /etc/static-file-server/data/.well-known
readOnly: true