# This file is derived from https://github.com/Mailu/Mailu/blob/master/docs/kubernetes/mailu/admin.yaml apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "mailu.fullname" . }}-admin spec: selector: matchLabels: app: {{ include "mailu.fullname" . }} component: admin replicas: 1 template: metadata: labels: app: {{ include "mailu.fullname" . }} component: admin {{- with .Values.admin.podAnnotations }} annotations: {{- toYaml . | nindent 8 }} {{- end }} spec: serviceAccount: {{ include "mailu.serviceAccountName" . }} securityContext: runAsUser: 0 {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} containers: - name: admin image: {{ template "imageRegistry" . -}} {{ .Values.admin.image.repository }}:{{ default .Values.mailuVersion .Values.admin.image.tag }} imagePullPolicy: Always volumeMounts: - name: data subPath: admin mountPath: /data - name: data mountPath: /dkim subPath: dkim {{- if .Values.timezone }} - name: zoneinfo mountPath: /usr/share/zoneinfo readOnly: true - name: zoneinfo subPath: {{ .Values.timezone }} mountPath: /etc/localtime readOnly: true {{- end }} env: - name: LOG_LEVEL value: {{ default .Values.logLevel .Values.admin.logLevel }} - name: QUOTA_STORAGE_URL value: redis://{{ include "mailu.fullname" . }}-redis/1 - name: RATELIMIT_STORAGE_URL value: redis://{{ include "mailu.fullname" . }}-redis/2 - name: DOMAIN value: "{{ required "dnsWildcard" .Values.dnsWildcard }}" - name: HOSTNAMES value: "mail.{{ .Values.dnsWildcard }}" - name: IMAP_ADDRESS value: {{ include "mailu.fullname" . }}-dovecot.{{ .Release.Namespace }} - name: POP3_ADDRESS value: {{ include "mailu.fullname" . }}-dovecot.{{ .Release.Namespace }} - name: SMTP_ADDRESS value: {{ include "mailu.fullname" . }}-postfix.{{ .Release.Namespace }} - name: AUTHSMTP_ADDRESS value: {{ include "mailu.fullname" . }}-postfix.{{ .Release.Namespace }} - name: REDIS_ADDRESS value: {{ include "mailu.fullname" . }}-redis.{{ .Release.Namespace }} - name: WEBMAIL value: none - name: WEBMAIL_ADDRESS value: localhost - name: FRONT_ADDRESS value: {{ include "mailu.fullname" . }}-front.{{ .Release.Namespace }} - name: RECIPIENT_DELIMITER value: + - name: SUBNET value: {{ .Values.subnet }} - name: PASSWORD_SCHEME value: "{{ default "PBKDF2" .Values.passwordScheme }}" - name: SECRET_KEY valueFrom: secretKeyRef: name: mailu-session-encryption-key key: key - name: AUTH_RATELIMIT value: "{{ required "mail.authRatelimit" .Values.mail.authRatelimit }}" - name: INITIAL_ADMIN_DOMAIN value: {{ required "dnsWildcard" .Values.dnsWildcard }} - name: INITIAL_ADMIN_ACCOUNT valueFrom: secretKeyRef: name: mailu-admin-credentials key: username - name: INITIAL_ADMIN_PW valueFrom: secretKeyRef: name: mailu-admin-credentials key: password {{- if eq .Values.database.type "sqlite" }} - name: DB_FLAVOR value: sqlite {{- else if eq .Values.database.type "mysql" }} - name: DB_FLAVOR value: mysql - name: DB_USER value: {{ required "database.mysql.user" .Values.database.mysql.user }} - name: DB_PW value: {{ required "database.mysql.password" .Values.database.mysql.password }} - name: DB_NAME value: {{ required "database.mysql.database" .Values.database.mysql.database }} - name: DB_HOST {{- if .Values.database.mysql.host }} value: {{ .Values.database.mysql.host }} {{- else }} value: {{ include "mailu.fullname" . }}-mysql {{- end }} {{- else if eq .Values.database.type "postgresql" }} - name: DB_FLAVOR value: postgresql - name: DB_USER value: {{ required "database.postgresql.user" .Values.database.postgresql.user }} - name: DB_PW value: {{ required "database.postgresql.password" .Values.database.postgresql.password }} - name: DB_NAME value: {{ required "database.postgresql.database" .Values.database.postgresql.database }} - name: DB_HOST {{- if .Values.database.postgresql.host }} value: {{ .Values.database.postgresql.host }} {{- end }} {{- else }} value: {{ required "database.type must be one of sqlite/mysql/postgresql" .None }} {{- end }} ports: - name: http containerPort: 80 protocol: TCP {{- with .Values.admin.resources }} resources: {{- .|toYaml|nindent 10}} {{- end }} {{- if .Values.admin.startupProbe}} startupProbe: httpGet: path: /ui/login port: http periodSeconds: {{ default 10 .Values.admin.startupProbe.periodSeconds }} failureThreshold: {{ default 30 .Values.admin.startupProbe.failureThreshold }} timeoutSeconds: {{ default 5 .Values.admin.startupProbe.timeoutSeconds }} {{- end }} {{ if .Values.admin.livenessProbe -}} livenessProbe: httpGet: path: /ui/login port: http periodSeconds: {{ default 10 .Values.admin.livenessProbe.periodSeconds }} failureThreshold: {{ default 3 .Values.admin.livenessProbe.failureThreshold }} timeoutSeconds: {{ default 5 .Values.admin.livenessProbe.timeoutSeconds }} {{- end }} {{ if .Values.admin.readinessProbe -}} readinessProbe: httpGet: path: /ui/login port: http periodSeconds: {{ default 10 .Values.admin.readinessProbe.periodSeconds }} failureThreshold: {{ default 1 .Values.admin.readinessProbe.failureThreshold }} timeoutSeconds: {{ default 5 .Values.admin.readinessProbe.timeoutSeconds }} {{- end }} volumes: - name: data persistentVolumeClaim: claimName: {{ include "mailu.rspamdClamavAdminClaimName" . }} {{- if .Values.timezone }} - name: zoneinfo hostPath: path: /usr/share/zoneinfo type: Directory {{- end }} strategy: type: RollingUpdate rollingUpdate: maxUnavailable: 0 maxSurge: 1 --- apiVersion: v1 kind: Service metadata: name: {{ include "mailu.fullname" . }}-admin labels: app: {{ include "mailu.fullname" . }} component: admin spec: selector: app: {{ include "mailu.fullname" . }} component: admin ports: - name: http port: 80 protocol: TCP