From 1e310288b41bdd84c37f226d2595d63d8a337d8f Mon Sep 17 00:00:00 2001
From: Fabio Rauber
Date: Thu, 17 Feb 2022 09:02:42 -0300
Subject: [PATCH] Add mail config
---
 .../v0.1.0/templates/nginx-certificate.yaml | 12 ++++++
 .../v0.1.0/templates/nginx-configmap.yaml | 37 +++++++++++++++++++
 .../v0.1.0/templates/nginx-deployment.yaml | 12 ++++++
 charts/mailproxy/v0.1.0/values.yaml | 4 ++
 4 files changed, 65 insertions(+)
 create mode 100644 charts/mailproxy/v0.1.0/templates/nginx-certificate.yaml
diff --git a/charts/mailproxy/v0.1.0/templates/nginx-certificate.yaml b/charts/mailproxy/v0.1.0/templates/nginx-certificate.yaml
new file mode 100644
index 0000000..48d1ed1
--- /dev/null
+++ b/charts/mailproxy/v0.1.0/templates/nginx-certificate.yaml
@@ -0,0 +1,12 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+ name: {{ include "mailproxy.fullname" . }}
+ labels:
+ {{- include "mailproxy.labels" . | nindent 4 }}
+spec:
+ secretName: {{ include "mailproxy.fullname" . }}-tls
+ issuerRef:
+ name: {{ .Values.nginx.certificate.issuer }}
+ dnsNames:
+ {{- toYaml .Values.nginx.certificate.dnsNames | nindent 4 }}
\ No newline at end of file
diff --git a/charts/mailproxy/v0.1.0/templates/nginx-configmap.yaml b/charts/mailproxy/v0.1.0/templates/nginx-configmap.yaml
index 718f971..f08e0da 100644
--- a/charts/mailproxy/v0.1.0/templates/nginx-configmap.yaml
+++ b/charts/mailproxy/v0.1.0/templates/nginx-configmap.yaml
@@ -2,6 +2,8 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
 name: {{ include "mailproxy.fullname" . }}-nginxconf
+ labels:
+ {{- include "mailproxy.labels" . | nindent 4 }}
 data:
 phpfpm-conf: |-
 upstream backend {
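Review bot: In the new nginx-certificate.yaml, `issuerRef` sets only `name`, so cert-manager falls back to its default kind, a namespaced `Issuer`. An issuer named like the chart default `letsencrypt-staging` is often deployed as a `ClusterIssuer`; in that case the Certificate would never become ready and the `-tls` secret the proxy depends on would not be created. Consider adding `kind: {{ .Values.nginx.certificate.issuerKind | default "Issuer" }}` under `issuerRef`. The templated scalars are also unquoted; `name: {{ .Values.nginx.certificate.issuer | quote }}` keeps an empty or boolean-looking value from being retyped by the YAML parser.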
@@ -34,5 +36,40 @@ data: include fastcgi_params; } }
+ imap-conf: |-
+ server {
+ listen 993;
+ server_name localhost;
+ protocol imap;
+ auth_http localhost:8080/auth-mail.php;
+ ssl on;
+ proxy_pass_error_message on;
+ }
+ pop-conf: |-
+ server {
+ listen 995;
+ server_name localhost;
+ protocol pop3;
+ auth_http localhost:8080/auth-mail.php;
+ ssl on;
+ proxy_pass_error_message on;
+ }
+ smtp-conf: |-
+ server {
+ listen 587;
+ server_name localhost;
+ protocol smtp;
+ auth_http localhost:8080/auth-mail.php;
+ starttls only;
+ xclient on;
+ proxy_pass_error_message on;
+ }
+ ssl-conf: |-
+ ssl_certificate /etc/nginx/ssl/tls.crt;
+ ssl_certificate_key /etc/nginx/ssl/tls.key;
+ ssl_session_timeout 5m;
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;
+ ssl_prefer_server_ciphers on;
\ No newline at end of file
diff --git a/charts/mailproxy/v0.1.0/templates/nginx-deployment.yaml b/charts/mailproxy/v0.1.0/templates/nginx-deployment.yaml
index a66f8e7..6363136 100644
--- a/charts/mailproxy/v0.1.0/templates/nginx-deployment.yaml
+++ b/charts/mailproxy/v0.1.0/templates/nginx-deployment.yaml
@@ -48,6 +48,18 @@ spec:
 - mountPath: /etc/nginx/conf.d/phpfpm.conf
 subPath: phpfpm-conf
 name: nginxconf
+ - mountPath: /etc/nginx/conf.d/imap.conf
+ subPath: imap-conf
+ name: nginxconf
+ - mountPath: /etc/nginx/conf.d/pop.conf
+ subPath: pop-conf
+ name: nginxconf
+ - mountPath: /etc/nginx/conf.d/smtp.conf
+ subPath: smtp-conf
+ name: nginxconf
+ - mountPath: /etc/nginx/ssl
+ name: {{ include "mailproxy.fullname" . }}-tls
+ readOnly: true
 resources:
 {{- toYaml .Values.nginx.resources | nindent 12 }}
 {{- with .Values.nodeSelector }}
diff --git a/charts/mailproxy/v0.1.0/values.yaml b/charts/mailproxy/v0.1.0/values.yaml
index 0361724..060c374 100644
--- a/charts/mailproxy/v0.1.0/values.yaml
+++ b/charts/mailproxy/v0.1.0/values.yaml
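Review bot: In nginx-configmap.yaml, the added `ssl-conf` block's `ssl_protocols TLSv1 TLSv1.1 TLSv1.2;` accepts TLS 1.0 and 1.1, both deprecated by RFC 8996, and does not offer TLS 1.3; for a proxy that carries mail credentials I would restrict it to `ssl_protocols TLSv1.2 TLSv1.3;`. The `ssl on;` lines in the `imap-conf` and `pop-conf` servers use a directive that nginx deprecated in 1.15.0 and later removed, so `listen 993 ssl;` and `listen 995 ssl;` are the durable form. `proxy_pass_error_message on;` relays the backend's authentication error text to clients that have not yet authenticated; confirm those messages reveal nothing about accounts or the backend server, or leave the directive at its default of off.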
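Review bot: In nginx-deployment.yaml, the new mount `name: {{ include "mailproxy.fullname" . }}-tls` needs a matching entry under the pod's `volumes:`, and the diffstat shows this commit adds only these 12 lines to the file. Unless such a volume already existed outside the hunk, the Deployment will be rejected for referencing an undefined volume; the missing entry would be a `secret` volume of that name whose `secretName` is the same `-tls` name the Certificate writes to. The `ssl-conf` key added to the ConfigMap is also not mounted by any of the new `subPath` mounts, so its `ssl_certificate` and protocol settings would not be loaded unless something outside the hunk includes them; a fourth mount with `subPath: ssl-conf` would close that gap. The container spec starts and ends outside the hunk.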
@@ -19,6 +19,10 @@ nginx:
 - name: smtp
 number: 587
 protocol: TCP
+ certificate:
+ issuer: letsencrypt-staging
+ dnsNames:
+ - mail.com
 resources: {}
 # limits:
 # cpu: 100m
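Review bot: The new defaults `issuer: letsencrypt-staging` and `dnsNames: - mail.com` make an unconfigured install request a certificate from a staging CA, which mail clients do not trust, for a domain the operator is unlikely to control. Users who then accept the resulting certificate warning lose the protection TLS gives their IMAP, POP3 and SMTP credentials. Consider a reserved placeholder such as `mail.example.com` with a comment stating that both values must be overridden, or make the template fail with Helm's `required` when they are unset. The `nginx:` mapping continues outside the hunk.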