Closes #44
This commit is contained in:
parent
69b989a112
commit
259c4aa83f
@ -90,6 +90,38 @@
|
||||
requests:
|
||||
storage: 2Ti
|
||||
|
||||
- name: Create a ConfigMap for encryption
|
||||
k8s:
|
||||
state: present
|
||||
definition:
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: certs
|
||||
namespace: mail
|
||||
data:
|
||||
privkey.pem: "{{ mail_encryption_privkey }}"
|
||||
pubkey.pem: "{{ mail_encryption_pubkey }}"
|
||||
|
||||
- name: Create a ConfigMap for Dovecot
|
||||
k8s:
|
||||
state: present
|
||||
definition:
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: dovecot
|
||||
namespace: mail
|
||||
data:
|
||||
10-encryption.conf: |
|
||||
# Enables mail_crypt for all services (pop3, pop3, etc)
|
||||
mail_plugins = $mail_plugins mail_crypt
|
||||
plugin {
|
||||
mail_crypt_global_private_key = </certs/privkey.pem
|
||||
mail_crypt_global_public_key = </certs/pubkey.pem
|
||||
mail_crypt_save_version = 2
|
||||
}
|
||||
|
||||
- name: Create a deployment
|
||||
k8s:
|
||||
definition:
|
||||
@ -141,8 +173,13 @@
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
volumeMounts:
|
||||
- name: certs
|
||||
mountPath: /certs
|
||||
- name: config
|
||||
mountPath: /tmp/docker-mailserver
|
||||
- name: dovecot
|
||||
mountPath: /etc/dovecot/conf.d/10-encryption.conf
|
||||
subPath: 10-encryption.conf
|
||||
- name: ssl
|
||||
mountPath: /etc/letsencrypt
|
||||
- name: mail
|
||||
@ -207,6 +244,9 @@
|
||||
- name: SSL_KEY_PATH
|
||||
value: "/etc/letsencrypt/tls.key"
|
||||
volumes:
|
||||
- name: certs
|
||||
configMap:
|
||||
name: certs
|
||||
- name: ssl
|
||||
secret:
|
||||
secretName: mail
|
||||
@ -219,6 +259,9 @@
|
||||
- name: dkim
|
||||
persistentVolumeClaim:
|
||||
claimName: dkim
|
||||
- name: dovecot
|
||||
configMap:
|
||||
name: dovecot
|
||||
|
||||
- name: Expose deployment as a service
|
||||
k8s:
|
||||
|
||||
Loading…
Reference in New Issue
Block a user