Add mail config

3 years ago · 1e310288b4
4 changed files with 65 additions and 0 deletions
--- a/charts/mailproxy/v0.1.0/templates/nginx-certificate.yaml
+++ b/charts/mailproxy/v0.1.0/templates/nginx-certificate.yaml
@ -0,0 +1,12 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ include "mailproxy.fullname" . }}
+  labels:
+    {{- include "mailproxy.labels" . | nindent 4 }}
+spec:
+  secretName: {{ include "mailproxy.fullname" . }}-tls
+  issuerRef:
+    name: {{ .Values.nginx.certificate.issuer }}
+  dnsNames:
+    {{- toYaml .Values.nginx.certificate.dnsNames | nindent 4 }}
--- a/charts/mailproxy/v0.1.0/templates/nginx-configmap.yaml
+++ b/charts/mailproxy/v0.1.0/templates/nginx-configmap.yaml
@ -2,6 +2,8 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
  name: {{ include "mailproxy.fullname" . }}-nginxconf 
+  labels:
+    {{- include "mailproxy.labels" . | nindent 4 }}
 data:
  phpfpm-conf: |-
    upstream backend {
@ -34,5 +36,40 @@ data:
        include         fastcgi_params;
      }
    }
+  imap-conf: |-
+    server {
+      listen 993;
+      server_name localhost;
+      protocol imap;
+      auth_http localhost:8080/auth-mail.php;
+      ssl on;
+      proxy_pass_error_message on;
+    }
+  pop-conf: |-
+    server {
+      listen 995;
+      server_name localhost;
+      protocol pop3;
+      auth_http localhost:8080/auth-mail.php;
+      ssl on;
+      proxy_pass_error_message on;
+    }
+  smtp-conf: |-
+    server {
+      listen 587;
+      server_name localhost;
+      protocol smtp;
+      auth_http localhost:8080/auth-mail.php;
+      starttls only;
+      xclient on;
+      proxy_pass_error_message on;
+    }
+  ssl-conf: |-
+    ssl_certificate /etc/nginx/ssl/tls.crt;
+    ssl_certificate_key /etc/nginx/ssl/tls.key;
+    ssl_session_timeout 5m;
+    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+    ssl_ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;
+    ssl_prefer_server_ciphers   on;

 
--- a/charts/mailproxy/v0.1.0/templates/nginx-deployment.yaml
+++ b/charts/mailproxy/v0.1.0/templates/nginx-deployment.yaml
@ -48,6 +48,18 @@ spec:
            - mountPath: /etc/nginx/conf.d/phpfpm.conf
              subPath: phpfpm-conf
              name: nginxconf
+            - mountPath: /etc/nginx/conf.d/imap.conf
+              subPath: imap-conf
+              name: nginxconf
+            - mountPath: /etc/nginx/conf.d/pop.conf
+              subPath: pop-conf
+              name: nginxconf
+            - mountPath: /etc/nginx/conf.d/smtp.conf
+              subPath: smtp-conf
+              name: nginxconf
+            - mountPath: /etc/nginx/ssl
+              name: {{ include "mailproxy.fullname" . }}-tls
+              readOnly: true
          resources:
            {{- toYaml .Values.nginx.resources | nindent 12 }}
      {{- with .Values.nodeSelector }}
--- a/charts/mailproxy/v0.1.0/values.yaml
+++ b/charts/mailproxy/v0.1.0/values.yaml
@ -19,6 +19,10 @@ nginx:
      - name: smtp
        number: 587
        protocol: TCP
+  certificate:
+    issuer: letsencrypt-staging
+    dnsNames:
+      - mail.com 
  resources: {}
  # limits:
  #   cpu: 100m