# Default values for mailu. # The mail domain is required. See https://github.com/Mailu/Mailu/blob/master/docs/faq.rst#what-is-the-difference-between-domain-and-hostnames dnsWildcard: domain.com # An initial account can automatically be created (password will be generated randomly): initialAccount: username: mailadmin nameOverride: "" fullnameOverride: "" clusterDomain: cluster.local serviceAccount: # Specifies whether a service account should be created create: true # Annotations to add to the service account annotations: {} # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: "" nodeSelector: {} # Tolerations for pod assignment # Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ tolerations: {} # Affinity for pod assignment # Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity affinity: {} database: # type of the database for mailu (sqlite or mysql) # default database is an embedded sqlite # for mysql, see settings below type: sqlite # type of the database for roundcube (sqlite or mysql) # default database is an embedded sqlite # for mysql, see settings below roundcubeType: sqlite # For mysql/mariadb use the following config: # Set the host to use an external database. # If not host is set, a database instance is created by this chart. # type: mysql mysql: {} # host: external-db-hostname # root password for mysql database # rootPassword: chang3m3! # can only be set for embedded mysql # settings for mailu (required if mailu database type is "mysql") # database: mailu # user: mailu # password: chang3m3! # For an external PostgreSQL database, use the following config: postgresql: {} # host: external-db-hostname # database: mailu # user: mailu # password: chang3m3! # settings for roundcube (required if roundcube database type is "mysql" or "postgresql") # roundcubeDatabase: roundcube # roundcubeUser: roundcube # roundcubePassword: chang3m3! external_relay: {} # host: "[domain.tld]:port" # username: username # password: SECRET persistence: # Setings for a single volume for all apps # set single_pvc: false to use a per app volume and set the properties in <app>.persistence (ex. admin.persistence) single_pvc: false size: 8Gi accessMode: ReadWriteOnce #annotations: # "helm.sh/resource-policy": keep #hostPath: /path/on/the/host #existingClaim: name-of-existing.claim #storageClass: "-" #claimNameOverride: my-claim-name # Change this if you're using different address ranges for pods subnet: 10.128.0.0/14 # Version of mailu docker images to use when not specified otherwise mailuVersion: 1.8 # default log level. can be overridden globally or per service logLevel: WARNING mail: messageSizeLimitInMegabytes: 50 authRatelimit: 10/minute;1000/hour # Set ingress and loadbalancer config ingress: externalIngress: false tlsFlavor: notls className: "" annotations: nginx.ingress.kubernetes.io/proxy-body-size: "0" # Frontend load balancer for non-HTTP(s) services front: # logLevel: WARNING image: repository: mailu/nginx # tag defaults to mailuVersion # tag: master resources: requests: memory: 100Mi cpu: 100m limits: memory: 200Mi cpu: 200m startupProbe: periodSeconds: 10 failureThreshold: 30 timeoutSeconds: 5 livenessProbe: periodSeconds: 10 failureThreshold: 3 timeoutSeconds: 5 readinessProbe: periodSeconds: 10 failureThreshold: 1 timeoutSeconds: 5 # Deployment or DaemonSet controller: kind: Deployment nodeSelector: {} # Expose front mail ports via hostPort hostPort: enabled: false # Expose front mail ports via external service (ClusterIP or LoadBalancer) externalService: enabled: false type: ClusterIP # LoadBalancer # type: LoadBalancer # loadBalancerIP: externalTrafficPolicy: Local annotations: {} pop3: pop3: false pop3s: true imap: imap: false imaps: true smtp: smtp: true smtps: true submission: true admin: # logLevel: WARNING image: repository: mailu/admin # tag defaults to mailuVersion # tag: master persistence: size: 1Gi storageClass: "" accessMode: ReadWriteOnce claimNameOverride: "" #annotations: # "helm.sh/resource-policy": keep resources: requests: memory: 500Mi cpu: 500m limits: memory: 500Mi cpu: 500m podAnnotations: {} startupProbe: periodSeconds: 10 failureThreshold: 30 timeoutSeconds: 5 livenessProbe: periodSeconds: 10 failureThreshold: 3 timeoutSeconds: 5 readinessProbe: periodSeconds: 10 failureThreshold: 1 timeoutSeconds: 5 redis: image: repository: redis tag: 5-alpine persistence: size: 2Gi storageClass: "" accessMode: ReadWriteOnce claimNameOverride: "" #annotations: # "helm.sh/resource-policy": keep resources: requests: memory: 200Mi cpu: 100m limits: memory: 300Mi cpu: 200m startupProbe: periodSeconds: 10 failureThreshold: 30 timeoutSeconds: 5 livenessProbe: periodSeconds: 10 failureThreshold: 3 timeoutSeconds: 5 readinessProbe: periodSeconds: 10 failureThreshold: 1 timeoutSeconds: 5 postfix: # logLevel: WARNING image: repository: mailu/postfix # tag defaults to mailuVersion # tag: master containerSecurityContext: capabilities: add: - SYS_CHROOT # CRI-O users will need to add the following: # capabilities: # add: # - SYS_CHROOT persistence: size: 2Gi storageClass: "" accessMode: ReadWriteOnce claimNameOverride: "" #annotations: # "helm.sh/resource-policy": keep resources: requests: memory: 2Gi cpu: 500m limits: memory: 2Gi cpu: 500m startupProbe: periodSeconds: 10 failureThreshold: 30 timeoutSeconds: 5 livenessProbe: periodSeconds: 10 failureThreshold: 3 timeoutSeconds: 5 readinessProbe: periodSeconds: 10 failureThreshold: 1 timeoutSeconds: 5 dovecot: enabled: true # logLevel: WARNING image: repository: mailu/dovecot # tag defaults to mailuVersion # tag: master containerSecurityContext: capabilities: add: - SYS_CHROOT # CRI-O users will need to add the following: # capabilities: # add: # - SYS_CHROOT persistence: size: 2Gi storageClass: "" accessMode: ReadWriteOnce claimNameOverride: "" #annotations: # "helm.sh/resource-policy": keep resources: requests: memory: 500Mi cpu: 500m limits: memory: 500Mi cpu: 500m startupProbe: periodSeconds: 10 failureThreshold: 30 timeoutSeconds: 5 livenessProbe: periodSeconds: 10 failureThreshold: 3 timeoutSeconds: 5 readinessProbe: periodSeconds: 10 failureThreshold: 1 timeoutSeconds: 5 # enable dovecot overrides # overrides: # dovecot.conf: | # # More info here: https://mailu.io/1.8/kubernetes/mailu/index.html#dovecot # mail_nfs_index = yes # mail_nfs_storage = yes # mail_fsync = always # mmap_disable = yes # mail_max_userip_connections=100 # rspamd and clamav and admin must share their volume # use affinity to schedule both pods on the same node so RWO volumes keep working rspamd_clamav_admin_persistence: size: 2Gi storageClass: "" accessMode: ReadWriteOnce claimNameOverride: "" #annotations: # "helm.sh/resource-policy": keep rspamd: # logLevel: WARNING image: repository: mailu/rspamd # tag defaults to mailuVersion # tag: master resources: requests: memory: 100Mi cpu: 100m limits: memory: 600Mi cpu: 500m startupProbe: # give it 15 minutes for initial rule compilation periodSeconds: 10 failureThreshold: 90 timeoutSeconds: 5 livenessProbe: periodSeconds: 10 failureThreshold: 3 timeoutSeconds: 5 readinessProbe: periodSeconds: 10 failureThreshold: 1 timeoutSeconds: 5 affinity: podAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: component operator: In values: - clamav topologyKey: kubernetes.io/hostname clamav: enabled: true # logLevel: WARNING image: repository: mailu/clamav # tag defaults to mailuVersion # tag: master resources: requests: memory: 1Gi cpu: 1000m limits: memory: 2Gi cpu: 1000m startupProbe: # give it 10 minutes for initial freshclam update periodSeconds: 10 failureThreshold: 60 timeoutSeconds: 5 livenessProbe: periodSeconds: 10 failureThreshold: 3 timeoutSeconds: 5 readinessProbe: periodSeconds: 10 failureThreshold: 1 timeoutSeconds: 5 affinity: podAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchExpressions: - key: component operator: In values: - rspamd topologyKey: kubernetes.io/hostname roundcube: enabled: true # logLevel: WARNING image: repository: mailu/roundcube # tag defaults to mailuVersion # tag: master persistence: size: 2Gi storageClass: "" accessMode: ReadWriteOnce claimNameOverride: "" #annotations: # "helm.sh/resource-policy": keep resources: requests: memory: 100Mi cpu: 100m limits: memory: 200Mi cpu: 200m startupProbe: periodSeconds: 10 failureThreshold: 30 timeoutSeconds: 5 livenessProbe: periodSeconds: 10 failureThreshold: 3 timeoutSeconds: 5 readinessProbe: periodSeconds: 10 failureThreshold: 1 timeoutSeconds: 5 webdav: enabled: false # logLevel: WARNING image: repository: mailu/radicale # tag defaults to mailuVersion # tag: master persistence: size: 2Gi storageClass: "" accessMode: ReadWriteOnce claimNameOverride: "" #annotations: # "helm.sh/resource-policy": keep startupProbe: periodSeconds: 10 failureThreshold: 30 timeoutSeconds: 5 livenessProbe: periodSeconds: 10 failureThreshold: 3 timeoutSeconds: 5 readinessProbe: periodSeconds: 10 failureThreshold: 1 timeoutSeconds: 5 mysql: image: repository: library/mariadb tag: 10.4.10 persistence: size: 2Gi storageClass: "" accessMode: ReadWriteOnce claimNameOverride: "" #annotations: # "helm.sh/resource-policy": keep resources: requests: memory: 256Mi cpu: 100m limits: memory: 512Mi cpu: 200m startupProbe: periodSeconds: 10 failureThreshold: 30* timeoutSeconds: 5 livenessProbe: periodSeconds: 10 failureThreshold: 3 timeoutSeconds: 5 readinessProbe: periodSeconds: 10 failureThreshold: 1 timeoutSeconds: 5 fetchmail: enabled: false # logLevel: WARNING image: repository: mailu/fetchmail # tag defaults to mailuVersion # tag: master persistence: size: 2Gi storageClass: "" accessMode: ReadWriteOnce claimNameOverride: "" #annotations: # "helm.sh/resource-policy": keep resources: requests: memory: 100Mi cpu: 100m limits: memory: 200Mi cpu: 200m delay: 600