Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / e61d1bc738aab40ccafe98cc9376ca855de30da9 / . / apps / maddy / install.yaml
blob: 22a46a7d22bddd03f3ddee5d712300af3483a60e [file] [log] [blame]
giolekva565fcdc2021-09-23 18:34:30 +0400[diff] [blame]1apiVersion: v1
2kind: Namespace
3metadata:
4 name: app-maddy
5---
6apiVersion: v1
7kind: Service
8metadata:
9 name: maddy
10 namespace: app-maddy
11spec:
12 type: LoadBalancer
13 externalTrafficPolicy: Local
14 selector:
15 app: maddy
16 ports:
17 - port: 25
18 protocol: TCP
19 name: a
20 - port: 143
21 protocol: TCP
22 name: b
23 - port: 993
24 protocol: TCP
25 name: c
26 - port: 587
27 protocol: TCP
28 name: d
29 - port: 465
30 protocol: TCP
31 name: e
32---
33apiVersion: cert-manager.io/v1
34kind: Certificate
35metadata:
36 name: wildcard-lekva.me # mx1
37 namespace: app-maddy
38spec:
39 dnsNames:
40 - 'mx1.lekva.me'
41 issuerRef:
42 name: letsencrypt-prod-dns
43 kind: ClusterIssuer
44 secretName: cert-mx1.lekva.me
45---
46apiVersion: v1
47kind: PersistentVolumeClaim
48metadata:
49 name: data
50 namespace: app-maddy
51spec:
52 accessModes:
53 - ReadWriteOnce
54 resources:
55 requests:
56 storage: 100Gi
57---
58apiVersion: apps/v1
59kind: Deployment
60metadata:
61 name: maddy
62 namespace: app-maddy
63spec:
64 selector:
65 matchLabels:
66 app: maddy
67 replicas: 1
68 template:
69 metadata:
70 labels:
71 app: maddy
72 spec:
73 volumes:
74 - name: config
75 configMap:
76 name: config
77 - name: certs
78 secret:
79 secretName: cert-mx1.lekva.me
80 - name: data
81 persistentVolumeClaim:
82 claimName: data
83 containers:
84 - name: maddy
85 image: giolekva/maddy:v0.4.4
86 imagePullPolicy: Always
87 ports:
88 - containerPort: 25
89 - containerPort: 143
90 - containerPort: 993
91 - containerPort: 587
92 - containerPort: 465
93 command: ["maddy"]
94 args: ["-config", "/etc/maddy/config/maddy.conf"]
95 volumeMounts:
96 - name: config
97 mountPath: /etc/maddy/config
98 - name: certs
99 mountPath: /etc/maddy/certs
100 - name: data
101 mountPath: /var/lib/maddy
102---
103apiVersion: v1
104kind: ConfigMap
105metadata:
106 name: mta-sts
107 namespace: app-maddy
108data:
109 mta-sts.txt: |
110 version: STSv1
111 mode: enforce
112 max_age: 604800
113 mx: mx1.lekva.me
114---
115apiVersion: apps/v1
116kind: Deployment
117metadata:
118 name: mta-sts
119 namespace: app-maddy
120spec:
121 selector:
122 matchLabels:
123 app: mta-sts
124 replicas: 1
125 template:
126 metadata:
127 labels:
128 app: mta-sts
129 spec:
130 volumes:
131 - name: mta-sts
132 configMap:
133 name: mta-sts
134 containers:
135 - name: maddy
136 image: giolekva/static-file-server:latest
137 imagePullPolicy: Always
138 ports:
139 - name: http
140 containerPort: 80
141 command: ["static-file-server"]
142 args: ["-port=80", "-dir=/etc/static-file-server/data"]
143 volumeMounts:
144 - name: mta-sts
145 mountPath: /etc/static-file-server/data/.well-known
146 readOnly: true
147---
148apiVersion: v1
149kind: Service
150metadata:
151 name: mta-sts
152 namespace: app-maddy
153spec:
154 type: ClusterIP
155 selector:
156 app: mta-sts
157 ports:
158 - name: http
159 port: 80
160 targetPort: http
161 protocol: TCP
162---
163apiVersion: networking.k8s.io/v1
164kind: Ingress
165metadata:
166 name: mta-sts
167 namespace: app-maddy
168 annotations:
169 nginx.ingress.kubernetes.io/ssl-redirect: "false"
170spec:
171 ingressClassName: nginx
172 rules:
173 - host: mta-sts.lekva.me
174 http:
175 paths:
176 - pathType: Prefix
177 path: "/"
178 backend:
179 service:
180 name: mta-sts
181 port:
182 name: http