apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "emailleg.fullname" . }} labels: {{- include "emailleg.labels" . | nindent 4 }} spec: replicas: 1 selector: matchLabels: {{- include "emailleg.selectorLabels" . | nindent 6 }} template: metadata: {{- with .Values.podAnnotations }} annotations: {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "emailleg.selectorLabels" . | nindent 8 }} spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} hostAliases: - ip: 127.0.0.1 hostnames: - imap - smtp - admin - redis containers: - name: imap securityContext: {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.imap.image.repository }}:{{ .Values.imap.image.tag }}" imagePullPolicy: {{ .Values.imap.image.pullPolicy }} env: - name: HOSTNAMES value: "mail.{{ .Values.mail.domain }}" - name: DOMAIN value: {{ .Values.mail.domain | quote }} - name: POSTMASTER value: "admin" {{- if .Values.mail.ldap.server }} - name: LDAP_SRV value: {{ .Values.mail.ldap.server }} - name: BASE_DN value: {{ .Values.mail.ldap.baseDN }} {{- end }} ports: - name: imap containerPort: 143 protocol: TCP - name: pop containerPort: 110 protocol: TCP livenessProbe: tcpSocket: port: 143 initialDelaySeconds: 10 periodSeconds: 5 readinessProbe: tcpSocket: port: 143 initialDelaySeconds: 10 periodSeconds: 5 volumeMounts: - mountPath: /data subPath: data name: mailvol - mountPath: /mail subPath: mail name: mailvol - mountPath: /certs subPath: certs name: mailvol resources: {{- toYaml .Values.imap.resources | nindent 12 }} - name: smtp securityContext: {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.smtp.image.repository }}:{{ .Values.smtp.image.tag }}" imagePullPolicy: {{ .Values.smtp.image.pullPolicy }} env: - name: HOSTNAMES value: "mail.{{ .Values.mail.domain }}" - name: DOMAIN value: {{ .Values.mail.domain | quote }} - name: POSTMASTER value: "admin" - name: MESSAGE_SIZE_LIMIT value: {{ .Values.mail.messageSizeLimit | quote }} - name: RELAYNETS value: {{ .Values.mail.relayNets | quote }} - name: RELAYHOST value: {{ .Values.mail.relayHost | quote }} {{- if .Values.mail.ldap.server }} - name: LDAP_SRV value: {{ .Values.mail.ldap.server }} - name: BASE_DN value: {{ .Values.mail.ldap.baseDN }} - name: MBOX_DOMAINS value: {{ .Values.mail.ldap.mboxDomains }} {{- end }} ports: - name: smtp containerPort: 25 protocol: TCP livenessProbe: tcpSocket: port: 25 initialDelaySeconds: 10 periodSeconds: 5 readinessProbe: tcpSocket: port: 25 initialDelaySeconds: 10 periodSeconds: 5 volumeMounts: - mountPath: /data subPath: data name: mailvol - mountPath: /certs subPath: certs name: mailvol resources: {{- toYaml .Values.smtp.resources | nindent 12 }} {{- if not .Values.mail.ldap.server }} - name: admin securityContext: {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.admin.image.repository }}:{{ .Values.admin.image.tag }}" imagePullPolicy: {{ .Values.admin.image.pullPolicy }} env: - name: SECRET_KEY value: {{ .Values.mail.secretKey | quote }} - name: DOMAIN value: {{ .Values.mail.domain | quote }} - name: ENABLE_CERTBOT value: "false" - name: BABEL_DEFAULT_LOCALE value: "pt" - name: WEB_WEBMAIL value: {{ .Values.mail.webmailAddr | quote }} - name: WEBSITE value: {{ .Values.mail.website | quote }} - name: SITENAME value: {{ .Values.mail.siteName | quote }} - name: RATELIMIT_STORAGE_URL value: "redis://localhost" ports: - name: http containerPort: 80 protocol: TCP livenessProbe: httpGet: path: / port: 80 initialDelaySeconds: 10 periodSeconds: 5 readinessProbe: httpGet: path: / port: 80 initialDelaySeconds: 10 periodSeconds: 5 volumeMounts: - mountPath: /data subPath: data name: mailvol - mountPath: /certs subPath: certs name: mailvol resources: {{- toYaml .Values.admin.resources | nindent 12 }} - name: redis securityContext: {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.redis.image.repository }}:{{ .Values.redis.image.tag }}" imagePullPolicy: {{ .Values.redis.image.pullPolicy }} ports: - name: redis containerPort: 6379 protocol: TCP livenessProbe: tcpSocket: port: 6379 initialDelaySeconds: 10 periodSeconds: 5 readinessProbe: tcpSocket: port: 6379 initialDelaySeconds: 10 periodSeconds: 5 volumeMounts: - mountPath: /data subPath: redis name: mailvol resources: {{- toYaml .Values.redis.resources | nindent 12 }} {{- end }} volumes: - name: mailvol persistentVolumeClaim: claimName: {{ include "emailleg.fullname" . }}-mailvol {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} affinity: podAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 100 podAffinityTerm: labelSelector: matchExpressions: - key: app.kubernetes.io/name operator: In values: - {{ include "emailleg.name" . }} - key: app.kubernetes.io/instance operator: In values: - {{ .Release.Name }} topologyKey: kubernetes.io/hostname {{- with .Values.affinity }} {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }}