Blame - mailcow/mailcow.yaml - kubeia

blob: a40325913d6d33a20ad0ae684f0a05c3c881652a [file] [log] [blame]

Matthias Andreas Benkard	c55bfae	2021-01-02 07:35:21 +0100	[diff] [blame]	1	---
				2	apiVersion: extensions/v1beta1
				3	kind: Ingress
				4	metadata:
				5	name: mailcow
				6	namespace: mulk
				7	labels:
				8	name: mailcow
				9	k8s-app: mailcow
				10	annotations:
				11	kubernetes.io/ingress.class: traefik
				12	traefik.ingress.kubernetes.io/preserve-host: "true"
				13	spec:
				14	rules:
				15	- host: mail.benkard.de
				16	http:
				17	paths:
				18	- path: /
				19	backend:
				20	serviceName: mailcow
				21	servicePort: 80
				22	- host: autodiscover.benkard.de
				23	http:
				24	paths:
				25	- path: /
				26	backend:
				27	serviceName: mailcow
				28	servicePort: 80
				29
				30	---
				31	apiVersion: v1
				32	kind: Service
				33	metadata:
				34	name: mailcow-pub
				35	namespace: mulk
				36	labels:
				37	name: mailcow-pub
				38	k8s-app: mailcow
				39	spec:
				40	selector:
				41	name: mailcow
				42	type: NodePort
				43	externalTrafficPolicy: Local
				44	ports:
				45	- name: smtp-alt
				46	port: 31025
				47	targetPort: 25
				48	protocol: TCP
				49	nodePort: 31025
				50	---
				51	apiVersion: v1
				52	kind: Service
				53	metadata:
				54	name: mailcow
				55	namespace: mulk
				56	labels:
				57	name: mailcow
				58	k8s-app: mailcow
				59	spec:
				60	selector:
				61	name: mailcow
				62	type: ClusterIP
				63	ports:
				64	- name: http
				65	port: 80
				66	targetPort: 80
				67	protocol: TCP
				68
				69	---
				70	apiVersion: apps/v1
				71	kind: Deployment
				72	metadata:
				73	name: mailcow
				74	namespace: mulk
				75	labels:
				76	name: mailcow
				77	k8s-app: mailcow
				78
				79	spec:
				80	replicas: 1
				81
				82	strategy:
				83	rollingUpdate:
				84	maxSurge: 1
				85	maxUnavailable: 1
				86
				87	selector:
				88	matchLabels:
				89	k8s-app: mailcow
				90	name: mailcow
				91
				92	template:
				93	metadata:
				94	labels:
				95	name: mailcow
				96	k8s-app: mailcow
				97
				98	spec:
				99	imagePullSecrets:
				100	- name: portus-token
				101
				102	runtimeClassName: kata
				103
				104	containers:
				105	- name: master
				106	image: docker.benkard.de/mulk/mailcow:latest
				107
				108	securityContext:
				109	# In a Kata container, this only gives the container full
				110	# access to the guest VM rather than the host. (To ensure
				111	# this, it is important to set privileged_without_host_devices
				112	# = true in the [plugins.cri.containerd.runtimes.kata] section
				113	# of containerd's config.toml.)
				114	privileged: true
				115
				116	env:
				117	- name: COMPOSE_HTTP_TIMEOUT
				118	value: "600"
				119
				120	ports:
				121	- name: http
				122	containerPort: 80
				123	- name: smtp
				124	hostPort: 25
				125	containerPort: 25
				126	- name: pop
				127	hostPort: 110
				128	containerPort: 110
				129	- name: imap
				130	hostPort: 143
				131	containerPort: 143
				132	- name: smtps
				133	hostPort: 465
				134	containerPort: 465
				135	- name: submission
				136	hostPort: 587
				137	containerPort: 587
				138	- name: imaps
				139	hostPort: 993
				140	containerPort: 993
				141	- name: pops
				142	hostPort: 995
				143	containerPort: 995
				144	- name: sieve
				145	hostPort: 4190
				146	containerPort: 4190
				147	- name: doveadm
				148	hostPort: 19991
				149	containerPort: 12345
				150
				151	volumeMounts:
				152	# Configuration data.
				153	- name: assets
				154	subPath: ssl
				155	mountPath: /mailcow-dockerized/data/assets/ssl
				156	- name: config
				157	mountPath: /mailcow-dockerized/data/conf
				158	- name: secrets
				159	subPath: mailcow.conf
				160	mountPath: /mailcow-dockerized/mailcow.conf
				161
				162	# State.
				163	- name: crypt-data
				164	mountPath: /vol/crypt-data
				165	- name: postfix-data
				166	mountPath: /vol/postfix-data
				167	- name: redis-data
				168	mountPath: /vol/redis-data
				169	- name: rspamd-data
				170	mountPath: /vol/rspamd-data
				171	- name: solr-data
				172	mountPath: /vol/solr-data
				173	- name: sogo-web
				174	mountPath: /vol/sogo-web
				175	- name: sogo-userdata-backup
				176	mountPath: /vol/sogo-userdata-backup
				177	- name: vmail
				178	mountPath: /vol/vmail
				179	- name: vmail-index
				180	mountPath: /vol/vmail-index
				181	- name: web-data
				182	mountPath: /vol/web-data
				183	#- name: docker-data
				184	# subPath: vfs
				185	# mountPath: /var/lib/docker/vfs
				186	#- name: docker-data
				187	# subPath: image
				188	# mountPath: /var/lib/docker/image
				189	#- name: docker-data
				190	# subPath: overlay2
				191	# mountPath: /var/lib/docker/overlay2
				192	#- name: docker-data
				193	# mountPath: /var/lib/docker
				194	- name: docker-data
				195	mountPath: /vol/docker-data
				196
				197	volumes:
				198	- name: assets
				199	persistentVolumeClaim:
				200	claimName: mailcow-assets
				201	- name: config
				202	persistentVolumeClaim:
				203	claimName: mailcow-config-v2
				204	- name: crypt-data
				205	persistentVolumeClaim:
				206	claimName: mailcow-crypt
				207	- name: postfix-data
				208	persistentVolumeClaim:
				209	claimName: mailcow-postfix
				210	- name: redis-data
				211	persistentVolumeClaim:
				212	claimName: mailcow-redis
				213	- name: rspamd-data
				214	persistentVolumeClaim:
				215	claimName: mailcow-rspamd
				216	- name: solr-data
				217	persistentVolumeClaim:
				218	claimName: mailcow-solr
				219	- name: sogo-web
				220	persistentVolumeClaim:
				221	claimName: mailcow-sogo-web
				222	- name: sogo-userdata-backup
				223	persistentVolumeClaim:
				224	claimName: mailcow-sogo-userdata-backup
				225	- name: vmail
				226	persistentVolumeClaim:
				227	claimName: mailcow-vmail
				228	- name: vmail-index
				229	persistentVolumeClaim:
				230	claimName: mailcow-vmail-index
				231	- name: web-data
				232	persistentVolumeClaim:
				233	claimName: mailcow-web
				234	- name: docker-data
				235	persistentVolumeClaim:
				236	claimName: mailcow-docker
				237	- name: secrets
				238	secret:
				239	secretName: mailcow-secrets
				240
				241	---
				242	apiVersion: v1
				243	kind: PersistentVolumeClaim
				244	metadata:
				245	name: mailcow-web
				246	namespace: mulk
				247	labels:
				248	k8s-app: mailcow
				249	annotations:
				250	volume.beta.kubernetes.io/storage-provisioner: rancher.io/local-path
				251	volume.kubernetes.io/selected-node: ifirn
				252	spec:
				253	storageClassName: local-path
				254	accessModes:
				255	- ReadWriteOnce
				256	resources:
				257	requests:
				258	storage: 1Gi
				259	---
				260	apiVersion: v1
				261	kind: PersistentVolumeClaim
				262	metadata:
				263	name: mailcow-docker
				264	namespace: mulk
				265	labels:
				266	k8s-app: mailcow
				267	annotations:
				268	volume.beta.kubernetes.io/storage-provisioner: rancher.io/local-path
				269	volume.kubernetes.io/selected-node: ifirn
				270	spec:
				271	storageClassName: local-path
				272	accessModes:
				273	- ReadWriteOnce
				274	resources:
				275	requests:
				276	storage: 1Gi
				277	---
				278	apiVersion: v1
				279	kind: PersistentVolumeClaim
				280	metadata:
				281	name: mailcow-assets
				282	namespace: mulk
				283	labels:
				284	k8s-app: mailcow
				285	annotations:
				286	volume.beta.kubernetes.io/storage-provisioner: rancher.io/local-path
				287	volume.kubernetes.io/selected-node: ifirn
				288	spec:
				289	storageClassName: local-path
				290	accessModes:
				291	- ReadWriteOnce
				292	resources:
				293	requests:
				294	storage: 1Gi
				295	---
				296	apiVersion: v1
				297	kind: PersistentVolumeClaim
				298	metadata:
				299	name: mailcow-solr
				300	namespace: mulk
				301	labels:
				302	k8s-app: mailcow
				303	annotations:
				304	volume.beta.kubernetes.io/storage-provisioner: rancher.io/local-path
				305	volume.kubernetes.io/selected-node: ifirn
				306	spec:
				307	storageClassName: local-path
				308	accessModes:
				309	- ReadWriteOnce
				310	resources:
				311	requests:
				312	storage: 1Gi
				313	---
				314	apiVersion: v1
				315	kind: PersistentVolumeClaim
				316	metadata:
				317	name: mailcow-sogo-web
				318	namespace: mulk
				319	labels:
				320	k8s-app: mailcow
				321	annotations:
				322	volume.beta.kubernetes.io/storage-provisioner: rancher.io/local-path
				323	volume.kubernetes.io/selected-node: ifirn
				324	spec:
				325	storageClassName: local-path
				326	accessModes:
				327	- ReadWriteOnce
				328	resources:
				329	requests:
				330	storage: 1Gi
				331	---
				332	apiVersion: v1
				333	kind: PersistentVolumeClaim
				334	metadata:
				335	name: mailcow-sogo-userdata-backup
				336	namespace: mulk
				337	labels:
				338	k8s-app: mailcow
				339	annotations:
				340	volume.beta.kubernetes.io/storage-provisioner: rancher.io/local-path
				341	volume.kubernetes.io/selected-node: ifirn
				342	spec:
				343	storageClassName: local-path
				344	accessModes:
				345	- ReadWriteOnce
				346	resources:
				347	requests:
				348	storage: 1Gi
				349	---
				350	apiVersion: v1
				351	kind: PersistentVolumeClaim
				352	metadata:
				353	name: mailcow-vmail
				354	namespace: mulk
				355	labels:
				356	k8s-app: mailcow
				357	annotations:
				358	volume.beta.kubernetes.io/storage-provisioner: rancher.io/local-path
				359	volume.kubernetes.io/selected-node: ifirn
				360	spec:
				361	storageClassName: local-path
				362	accessModes:
				363	- ReadWriteOnce
				364	resources:
				365	requests:
				366	storage: 1Gi
				367	---
				368	apiVersion: v1
				369	kind: PersistentVolumeClaim
				370	metadata:
				371	name: mailcow-vmail-index
				372	namespace: mulk
				373	labels:
				374	k8s-app: mailcow
				375	annotations:
				376	volume.beta.kubernetes.io/storage-provisioner: rancher.io/local-path
				377	volume.kubernetes.io/selected-node: ifirn
				378	spec:
				379	storageClassName: local-path
				380	accessModes:
				381	- ReadWriteOnce
				382	resources:
				383	requests:
				384	storage: 1Gi
				385	---
				386	apiVersion: v1
				387	kind: PersistentVolumeClaim
				388	metadata:
				389	name: mailcow-redis
				390	namespace: mulk
				391	labels:
				392	k8s-app: mailcow
				393	annotations:
				394	volume.beta.kubernetes.io/storage-provisioner: rancher.io/local-path
				395	volume.kubernetes.io/selected-node: ifirn
				396	spec:
				397	storageClassName: local-path
				398	accessModes:
				399	- ReadWriteOnce
				400	resources:
				401	requests:
				402	storage: 1Gi
				403	---
				404	apiVersion: v1
				405	kind: PersistentVolumeClaim
				406	metadata:
				407	name: mailcow-rspamd
				408	namespace: mulk
				409	labels:
				410	k8s-app: mailcow
				411	annotations:
				412	volume.beta.kubernetes.io/storage-provisioner: rancher.io/local-path
				413	volume.kubernetes.io/selected-node: ifirn
				414	spec:
				415	storageClassName: local-path
				416	accessModes:
				417	- ReadWriteOnce
				418	resources:
				419	requests:
				420	storage: 1Gi
				421	---
				422	apiVersion: v1
				423	kind: PersistentVolumeClaim
				424	metadata:
				425	name: mailcow-postfix
				426	namespace: mulk
				427	labels:
				428	k8s-app: mailcow
				429	annotations:
				430	volume.beta.kubernetes.io/storage-provisioner: rancher.io/local-path
				431	volume.kubernetes.io/selected-node: ifirn
				432	spec:
				433	storageClassName: local-path
				434	accessModes:
				435	- ReadWriteOnce
				436	resources:
				437	requests:
				438	storage: 1Gi
				439	---
				440	apiVersion: v1
				441	kind: PersistentVolumeClaim
				442	metadata:
				443	name: mailcow-crypt
				444	namespace: mulk
				445	labels:
				446	k8s-app: mailcow
				447	annotations:
				448	volume.beta.kubernetes.io/storage-provisioner: rancher.io/local-path
				449	volume.kubernetes.io/selected-node: ifirn
				450	spec:
				451	storageClassName: local-path
				452	accessModes:
				453	- ReadWriteOnce
				454	resources:
				455	requests:
				456	storage: 1Gi
				457	---
				458	apiVersion: v1
				459	kind: PersistentVolumeClaim
				460	metadata:
				461	name: mailcow-config-v2
				462	namespace: mulk
				463	labels:
				464	k8s-app: mailcow
				465	annotations:
				466	volume.beta.kubernetes.io/storage-provisioner: rancher.io/local-path
				467	volume.kubernetes.io/selected-node: ifirn
				468	spec:
				469	storageClassName: local-path
				470	accessModes:
				471	- ReadWriteOnce
				472	resources:
				473	requests:
				474	storage: 1Gi
				475	---