| apiVersion: v1 |
| kind: Service |
| metadata: |
| name: maddy |
| namespace: {{ .Release.Namespace }} |
| spec: |
| type: ClusterIP |
| selector: |
| app: maddy |
| ports: |
| - name: imap |
| port: 143 |
| protocol: TCP |
| - name: imaps |
| port: 993 |
| protocol: TCP |
| - name: smtp |
| port: 25 |
| protocol: TCP |
| - name: smtps |
| port: 465 |
| protocol: TCP |
| - name: submission |
| port: 587 |
| protocol: TCP |
| --- |
| apiVersion: v1 |
| kind: Service |
| metadata: |
| name: manage |
| namespace: {{ .Release.Namespace }} |
| spec: |
| type: ClusterIP |
| selector: |
| app: maddy |
| ports: |
| - name: http |
| port: 80 |
| targetPort: http |
| protocol: TCP |
| --- |
| apiVersion: networking.k8s.io/v1 |
| kind: Ingress |
| metadata: |
| name: manage |
| namespace: {{ .Release.Namespace }} |
| spec: |
| ingressClassName: {{ .Values.ingress.private.className }} |
| tls: |
| - hosts: |
| - mail.{{ .Values.ingress.private.domain }} |
| secretName: cert-wildcard.{{ .Values.ingress.private.domain }} |
| rules: |
| - host: mail.{{ .Values.ingress.private.domain }} |
| http: |
| paths: |
| - path: / |
| pathType: Prefix |
| backend: |
| service: |
| name: manage |
| port: |
| name: http |
| --- |
| apiVersion: cert-manager.io/v1 |
| kind: Certificate |
| metadata: |
| name: mail.{{ .Values.ingress.public.domain }} |
| namespace: {{ .Release.Namespace }} |
| annotations: |
| helm.sh/resource-policy: keep |
| spec: |
| dnsNames: |
| - 'mail.{{ .Values.ingress.public.domain }}' |
| issuerRef: |
| name: {{ .Values.ingress.public.certificateIssuer }} |
| kind: ClusterIssuer |
| secretName: cert-mail.{{ .Values.ingress.public.domain }} |
| --- |
| apiVersion: v1 |
| kind: PersistentVolumeClaim |
| metadata: |
| name: data |
| namespace: {{ .Release.Namespace }} |
| spec: |
| accessModes: |
| - ReadWriteOnce |
| resources: |
| requests: |
| storage: {{ .Values.storage.size }} |
| --- |
| apiVersion: apps/v1 |
| kind: Deployment |
| metadata: |
| name: maddy |
| namespace: {{ .Release.Namespace }} |
| spec: |
| selector: |
| matchLabels: |
| app: maddy |
| replicas: 1 |
| template: |
| metadata: |
| labels: |
| app: maddy |
| annotations: |
| checksum/config: {{ include (print $.Template.BasePath "/config.yaml") . | sha256sum }} |
| spec: |
| volumes: |
| - name: config |
| configMap: |
| name: config |
| - name: certs |
| secret: |
| secretName: cert-mail.{{ .Values.ingress.public.domain}} |
| - name: certs-private |
| secret: |
| secretName: cert-wildcard.{{ .Values.ingress.private.domain}} |
| - name: data |
| persistentVolumeClaim: |
| claimName: data |
| containers: |
| - name: maddy |
| image: giolekva/maddy:v0.4.4 |
| imagePullPolicy: Always |
| ports: |
| - name: imap |
| containerPort: 143 |
| protocol: TCP |
| - name: imaps |
| containerPort: 993 |
| protocol: TCP |
| - name: smtp |
| containerPort: 25 |
| protocol: TCP |
| - name: smtps |
| containerPort: 465 |
| protocol: TCP |
| - name: submission |
| containerPort: 587 |
| protocol: TCP |
| command: |
| - maddy |
| - -config |
| - /etc/maddy/config/maddy.conf |
| volumeMounts: |
| - name: config |
| mountPath: /etc/maddy/config |
| readOnly: true |
| - name: certs-private |
| mountPath: /etc/maddy/certs-private |
| readOnly: true |
| - name: data |
| mountPath: /var/lib/maddy |
| readOnly: false |
| - name: web |
| image: giolekva/maddy-web:latest |
| imagePullPolicy: Always |
| ports: |
| - name: http |
| containerPort: 80 |
| protocol: TCP |
| command: |
| - maddy-web |
| - --port=80 |
| - --maddy-config=/etc/maddy/config/maddy.conf |
| volumeMounts: |
| - name: config |
| mountPath: /etc/maddy/config |
| readOnly: true |
| - name: certs |
| mountPath: /etc/maddy/certs |
| readOnly: true |
| - name: data |
| mountPath: /var/lib/maddy |
| readOnly: false |