209 lines
4.5 KiB
YAML
209 lines
4.5 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: mailu-front
|
|
namespace: bakery-ia
|
|
labels:
|
|
app: mailu
|
|
component: front
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: mailu
|
|
component: front
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: mailu
|
|
component: front
|
|
spec:
|
|
containers:
|
|
- name: front
|
|
image: ghcr.io/mailu/nginx:2024.06
|
|
imagePullPolicy: IfNotPresent
|
|
ports:
|
|
- containerPort: 80
|
|
name: http
|
|
- containerPort: 443
|
|
name: https
|
|
envFrom:
|
|
- configMapRef:
|
|
name: mailu-config
|
|
- secretRef:
|
|
name: mailu-secrets
|
|
volumeMounts:
|
|
- name: mailu-data
|
|
mountPath: /data
|
|
- name: mailu-tls
|
|
mountPath: /certs
|
|
readOnly: true
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 128Mi
|
|
limits:
|
|
cpu: 200m
|
|
memory: 256Mi
|
|
volumes:
|
|
- name: mailu-data
|
|
persistentVolumeClaim:
|
|
claimName: mailu-data
|
|
- name: mailu-tls
|
|
secret:
|
|
# TLS secret name is environment-specific:
|
|
# - Dev: bakery-dev-tls-cert (self-signed, from dev-certificate.yaml)
|
|
# - Prod: bakery-ia-prod-tls-cert (Let's Encrypt, from prod-certificate.yaml)
|
|
# Patched via kustomize overlays in dev/prod kustomization.yaml
|
|
secretName: MAILU_TLS_SECRET_PLACEHOLDER
|
|
items:
|
|
- key: tls.crt
|
|
path: cert.pem
|
|
- key: tls.key
|
|
path: key.pem
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: mailu-admin
|
|
namespace: bakery-ia
|
|
labels:
|
|
app: mailu
|
|
component: admin
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: mailu
|
|
component: admin
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: mailu
|
|
component: admin
|
|
spec:
|
|
containers:
|
|
- name: admin
|
|
image: ghcr.io/mailu/admin:2024.06
|
|
imagePullPolicy: IfNotPresent
|
|
ports:
|
|
- containerPort: 80
|
|
name: http
|
|
envFrom:
|
|
- configMapRef:
|
|
name: mailu-config
|
|
- secretRef:
|
|
name: mailu-secrets
|
|
volumeMounts:
|
|
- name: mailu-data
|
|
mountPath: /data
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 256Mi
|
|
limits:
|
|
cpu: 300m
|
|
memory: 512Mi
|
|
volumes:
|
|
- name: mailu-data
|
|
persistentVolumeClaim:
|
|
claimName: mailu-data
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: mailu-smtp
|
|
namespace: bakery-ia
|
|
labels:
|
|
app: mailu
|
|
component: smtp
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: mailu
|
|
component: smtp
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: mailu
|
|
component: smtp
|
|
spec:
|
|
containers:
|
|
- name: smtp
|
|
image: ghcr.io/mailu/postfix:2024.06
|
|
imagePullPolicy: IfNotPresent
|
|
ports:
|
|
- containerPort: 25
|
|
name: smtp
|
|
- containerPort: 587
|
|
name: submission
|
|
envFrom:
|
|
- configMapRef:
|
|
name: mailu-config
|
|
- secretRef:
|
|
name: mailu-secrets
|
|
volumeMounts:
|
|
- name: mailu-data
|
|
mountPath: /data
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 256Mi
|
|
limits:
|
|
cpu: 500m
|
|
memory: 512Mi
|
|
volumes:
|
|
- name: mailu-data
|
|
persistentVolumeClaim:
|
|
claimName: mailu-data
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: mailu-imap
|
|
namespace: bakery-ia
|
|
labels:
|
|
app: mailu
|
|
component: imap
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: mailu
|
|
component: imap
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: mailu
|
|
component: imap
|
|
spec:
|
|
containers:
|
|
- name: imap
|
|
image: ghcr.io/mailu/dovecot:2024.06
|
|
imagePullPolicy: IfNotPresent
|
|
ports:
|
|
- containerPort: 143
|
|
name: imap
|
|
- containerPort: 993
|
|
name: imaps
|
|
envFrom:
|
|
- configMapRef:
|
|
name: mailu-config
|
|
- secretRef:
|
|
name: mailu-secrets
|
|
volumeMounts:
|
|
- name: mailu-data
|
|
mountPath: /data
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 256Mi
|
|
limits:
|
|
cpu: 500m
|
|
memory: 512Mi
|
|
volumes:
|
|
- name: mailu-data
|
|
persistentVolumeClaim:
|
|
claimName: mailu-data
|