Add new infra architecture 3

infrastructure/environments/common/configs/configmap.yaml

@@ -176,7 +176,7 @@ data:
   # ================================================================
   # EMAIL CONFIGURATION
   # ================================================================
-  SMTP_HOST: "email-smtp.bakery-ia.svc.cluster.local"
+  SMTP_HOST: "mailu-postfix.bakery-ia.svc.cluster.local"
   SMTP_PORT: "587"
   SMTP_TLS: "true"
   SMTP_SSL: "false"

infrastructure/environments/common/configs/secrets.yaml

@@ -160,8 +160,8 @@ metadata:
     app.kubernetes.io/component: notifications
 type: Opaque
 data:
-  # SMTP credentials for internal Mailu server
-  # These are used by notification-service to send emails via mailu-smtp
+  # SMTP credentials for internal Mailu server (Helm deployment)
+  # These are used by notification-service to send emails via mailu-postfix
   SMTP_USER: cG9zdG1hc3RlckBiYWtld2lzZS5haQ==  # postmaster@bakewise.ai
   SMTP_PASSWORD: VzJYS2tSdUxpT25ZS2RCWVFTQXJvbjFpeWtFU1M1b2I=  # W2XKkRuLiOnYKdBYQSAron1iykESS5ob
   # Dovecot admin password for IMAP management

infrastructure/environments/dev/k8s-manifests/kustomization.yaml

@@ -15,7 +15,6 @@ resources:
   - ../../../platform/cert-manager
   - ../../../platform/networking/ingress/overlays/dev
   - ../../../platform/storage
-  - ../../../platform/mail/mailu
   - ../../../services/databases
   - ../../../services/microservices
   # NOTE: cicd is NOT included here - it's deployed manually via Tilt triggers
@@ -53,31 +52,6 @@ patches:
       - op: replace
         path: /spec/suspend
         value: true
-  # Mailu TLS: Use self-signed dev certificate
-  - target:
-      kind: Deployment
-      name: mailu-front
-    patch: |-
-      - op: replace
-        path: /spec/template/spec/volumes/1/secret/secretName
-        value: "bakery-dev-tls-cert"
-  # Mailu Config: Update for dev environment
-  - target:
-      kind: ConfigMap
-      name: mailu-config
-    patch: |-
-      - op: replace
-        path: /data/DOMAIN
-        value: "bakery-ia.local"
-      - op: replace
-        path: /data/HOSTNAMES
-        value: "mail.bakery-ia.local"
-      - op: replace
-        path: /data/RELAY_LOGIN
-        value: "postmaster@bakery-ia.local"
-      - op: replace
-        path: /data/WEBMAIL_ADMIN
-        value: "admin@bakery-ia.local"
 
 labels:
   - includeSelectors: true
@@ -141,19 +115,3 @@ images:
   - name: python
     newName: localhost:5000/python_3.11-slim
     newTag: latest
-  # Mail server (Mailu)
-  - name: ghcr.io/mailu/nginx
-    newName: localhost:5000/ghcr.io_mailu_nginx_2024.06
-    newTag: latest
-  - name: ghcr.io/mailu/admin
-    newName: localhost:5000/ghcr.io_mailu_admin_2024.06
-    newTag: latest
-  - name: ghcr.io/mailu/postfix
-    newName: localhost:5000/ghcr.io_mailu_postfix_2024.06
-    newTag: latest
-  - name: ghcr.io/mailu/dovecot
-    newName: localhost:5000/ghcr.io_mailu_dovecot_2024.06
-    newTag: latest
-  - name: ghcr.io/mailu/rspamd
-    newName: localhost:5000/ghcr.io_mailu_rspamd_2024.06
-    newTag: latest

infrastructure/environments/prod/k8s-manifests/kustomization.yaml

@@ -15,7 +15,6 @@ resources:
   - ../../../platform/cert-manager
   - ../../../platform/networking/ingress/overlays/prod
   - ../../../platform/storage
-  - ../../../platform/mail/mailu
   - ../../../services/databases
   - ../../../services/microservices
   - ../../../cicd
@@ -169,14 +168,6 @@ patches:
           limits:
             memory: "1Gi"
             cpu: "500m"
-  # Mailu TLS: Use Let's Encrypt production certificate
-  - target:
-      kind: Deployment
-      name: mailu-front
-    patch: |-
-      - op: replace
-        path: /spec/template/spec/volumes/1/secret/secretName
-        value: "bakery-ia-prod-tls-cert"
 
 images:
   # Application services
@@ -253,17 +244,6 @@ images:
   # Python base image
   - name: python
     newTag: 3.11-slim
-  # Mail server (Mailu) - using canonical GHCR names
-  - name: ghcr.io/mailu/nginx
-    newTag: "2024.06"
-  - name: ghcr.io/mailu/admin
-    newTag: "2024.06"
-  - name: ghcr.io/mailu/postfix
-    newTag: "2024.06"
-  - name: ghcr.io/mailu/dovecot
-    newTag: "2024.06"
-  - name: ghcr.io/mailu/rspamd
-    newTag: "2024.06"
 
 replicas:
   - name: auth-service