-
Notifications
You must be signed in to change notification settings - Fork 8
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
6217d67
commit 3c75064
Showing
12 changed files
with
359 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
apiVersion: argoproj.io/v1alpha1 | ||
kind: Application | ||
metadata: | ||
name: mail | ||
spec: | ||
project: default | ||
source: | ||
repoURL: [email protected]:hashbang/gitops.git | ||
path: mail/ | ||
targetRevision: HEAD | ||
destination: | ||
server: https://kubernetes.default.svc | ||
namespace: mail |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
|
||
https://github.com/hashbang/docker-postfix | ||
|
||
Delivers mail to the shell servers |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,133 @@ | ||
apiVersion: v1 | ||
kind: Secret | ||
metadata: | ||
name: mail-aliases | ||
type: Opaque | ||
stringData: | ||
aliases: ENC[AES256_GCM,data:zTwzx4D4eS7cq9bjCeca9IB7pwJuHGysnxgbgNhwHLJv0e4A7EnvlFP5f/zRG/HKNIay/m+ygxwaRg/PwMf1kn6mJpoXym/cqAv4ZJN6etZw/c/WOipCrm1mf9sZB0DLAB/PvvEEy09Q0RUxOIcPg/jxMnEAlbann0LLJcaXYxvAZYyNHjCDvqsxZ+NzZU7bnkMGII1Mv8tc6vLt605yQG5KEaOs5lbiU55XZOUyqTEzHpbyhM6hDSFC5Wz71FnwPQqLaaAGHyiCg77XWtJIzLvrEQofxZg8YsG8R1F6CXoNfQJ5Ka+rzL6YnLk39JAT6KpV8CQaGtVONthpapDEFz5eJi8qgUKFyoEIG/122Yb5RJkZCgoZiXPt2GkCgYSjq3UHfUIZoP/R1uiuOh0hUa0nIXKe3gb3hmzOo/fUjttgF0BIyA48CSAJeEYaoDBIvE5hK7FmfA8RJ6tWvtWYOINwYSGIxIme9TGPJ6Ym7cOp2c4Bu0i0HX4d5amJQ1uaDSQW1jbPo/4kr/x9pJaL9E+rJsDdktnuJIXII0vJqsmZVaAhEltZDUNY6KR51VZejh3hzd3k9MrBOqFOa/KBrOyKsXZCJkU8jnlBBF/g6UwAft5e3Dms5PpAIxm9p6LXXkBmUu8Zgzs=,iv:YhRtkz4oL8wqN3W+CQyhwGwhNYKsmEQvga62wzc+gBI=,tag:9rkZ3caaI915ykCFchdxpA==,type:str] | ||
sops: | ||
kms: [] | ||
gcp_kms: [] | ||
azure_kv: [] | ||
lastmodified: '2020-06-05T04:05:09Z' | ||
mac: ENC[AES256_GCM,data:MV6KgQQfm039vRGE6eszA0PDmtkDe1Qv0zzjFd728iH/8xVpwsvn2s6TL3/N0huWMWFRbh6M9kU2xGA87vNOrqbUMuEIwi01Z2v5Cuu4EalBHafEaFE68UygFOB+VDO7WQiZmEkHLUY0za7LfinZ3QbPikX8GrXMjaHjDfYtqvo=,iv:6R9m5hVXFAtXokwJHnd9SbfNXc4eKdgohHWBlTdrLkI=,tag:eHUROJe44qeYuvPwdqI0NQ==,type:str] | ||
pgp: | ||
- created_at: '2020-05-27T02:00:39Z' | ||
enc: | | ||
-----BEGIN PGP MESSAGE----- | ||
hQIMA+pWRuJw67SWAQ/9GXIZFEp/v1IT68Ro9LOMEtxoi1rmzmJRYMca5Jgt7xf+ | ||
V0Hyfpo0fl3/xZaLwd0bIBaE0pjnsPCwzCd+IologGctDD5/PwOtdXm6WS1Lh6vH | ||
tvVOAo63RnyGqlwO2cXkKIOCzIF7LKJi8TxE0M4cEK2RkcYz7ukfvzyrbm+jLAYo | ||
3Ve2k9GL72VPLwo+o+WbrhGjqsf6Qy5D9OT45FPNXCC2EF6zDyRrJwYtRFU+lZcB | ||
bBQc2aE90fVSxxMQ18VNW7VNFAOfMANPSOilrIfzoyZE8lxgAExgXRyrwRuVxKfL | ||
UAws9jrXz72AYTkVoQ3tWJP3MgtnbdTS9A8kUJI0hIjnKTsUKwBZv3SJxvKBFV0y | ||
4Qnz/cXw0qYp/6zBEaM0tOq04LqmU8fuPtPZg4V9TKVCoMaCQrvgLj5nWS6UiIhF | ||
1LOQSxPEjBPApvht4bRexfOGIdMxJ7uqZTfBkpa1McoPQFvFLmY9TT9IHjqkhj2g | ||
kLpDX/oKskHP9/4C4QJa93az983GITDER4AhMmMN6P21LTnlRpzxQ1wDryzF4HCW | ||
1lixCt8KSM1qA2yAnrdzf0spmYl1Hh948AzDuMI6YoMJkDnyKsMH0vboOQnidTjK | ||
WRMxUAoYhTKoJ3WXL1csakLFMMtbtIPWPWrH4lnbXA9WK2f50X5Ka7vkMkvdsrfS | ||
XgFMqlMJ/AvlaQKJfqtca0xn47K9+8KMx9iroBpT4H8ejFA76JpTx9MQTgb+voUO | ||
nQ0Y+2qr27/lyR2Esv7q+jkXkGhNlpL0o2nE2ZRpUJ9bV713KJCSSViBPe87Npc= | ||
=ZQHM | ||
-----END PGP MESSAGE----- | ||
fp: 1FD6667A0808D4D48BDB8757A61B48D8288FCF8A | ||
- created_at: '2020-05-27T02:00:39Z' | ||
enc: |- | ||
-----BEGIN PGP MESSAGE----- | ||
wcFMA4FedWMNSzdLARAAoj7C/JHMHvgNkVqs+c0JrgbrIlue6GnmPrQIPeyZpqxw | ||
Lu75lw/a/SyZhEoJpDfJIGpt8edBmVEb6qJiwdvwZPcIkak6yfj9tMqaIU6vpNqb | ||
qgSzPQqsaojOpeH9A6RJARixdcXM3b4essnV4PXmMQ7IVZCmeOT22qQ+7Gk/oX2M | ||
3eQ64x0mvSH1UNeo9BkzMD1vPEDa5pcUUBhzs8gT+IOpAq8EwKEAhna9JRnUDR9a | ||
Ft4dyIREAO4evUtJ7ZtkZGEc2LpMkoK/lH9ljhUOjlAlSSC22Hpk5ol5Sg2pwCJJ | ||
931K1Ueptb+Cuhi/1NPk2XZKkVkQP5+Xglg5vI8e5jarXb0t0kKs7tjOlFc+0iRx | ||
ToaSdHwSuPnskbVIOKgyvRml0uHnPmPpa+8ND6TxgBBa+Mb8tQnFNnkRKFz/19Ak | ||
j9UAsVdJw+zU0KTTx4SiDRH39ydv2oeFLD20Oh80fqXyPcHc6jHsPEukn3A012Lm | ||
p3BWab4WTaDBNCioWGtXKRHED3ZTorvSg1arbwHp1P3z/+8G3mJI9q0CvheMeG4k | ||
j71YGeokktz626PT7LWBfViK60ZadmnHg6Cf/I19pd+Ai3FdsRadxLz/5jBiV2VE | ||
0j9WqtSXQSs7e9Xd85gEaEbLeKO1W7Ypa7Pmg86gJfaXHuWz4Cp3vDZdVhV161nS | ||
4AHkgmb1HMc7vAHPR0V+knYM9eGTfOCT4J3hRnLgauIfcvnI4GTlGpZO9NKaU22k | ||
ZO/Gj//eS0JbkffL2GGFu8tA/eCakyrgq+S1MJe3HwUHzRL9AEonlt0O4ofNwT7h | ||
SM0A | ||
=nu7e | ||
-----END PGP MESSAGE----- | ||
fp: 954A3772D62EF90E4B31FBC6C91A9911192C187A | ||
- created_at: '2020-05-27T02:00:39Z' | ||
enc: | | ||
-----BEGIN PGP MESSAGE----- | ||
hQEMA4SNlT+wHnqoAQf/fB2EW5yaGESpPSLUcOXdEfQON/wqfR3EZroX34xNz3+4 | ||
RLFOwo7PagIOMbugSfVbxt14RYbxWT9+43oGSgg1F4b5IuxIT1wUwLSrCnR/QE8z | ||
VEZkf2/yuZ8k0+HB3wG7fgP10EYo236aoiaWC28kWivqO76W9+ZQCgVcL4Wj+XTe | ||
ueIPDAyZrnXbd3GTAUl0/VBMoZKJMr8AIK/5ZCnwoILxGe6BQpX4qDxBFRg65Yf6 | ||
8nMoai6FxbGnuBdIL3fuQ1UAggYCou9iQZpp632f0yHZ+B4b1plEt/iVCgb8WH4v | ||
paCGx836Um2uFXm0rCZB5whAasxNkY9Ik/nZxuPnodJeAVWjlcPPAY9cqo3fTnYK | ||
tnSxZ970TwiNWCeocWL/VGNXAnaIkofldGMzFsIumLVuyhUe3NhfTRYbflDTxG2o | ||
nLb/1mGv416ULuKEgX9j+fezJgOyMgOaeQfkS8dm0w== | ||
=al2j | ||
-----END PGP MESSAGE----- | ||
fp: 8333F292B1BBD334A61E6F566785F7AF28DE7081 | ||
- created_at: '2020-05-27T02:00:39Z' | ||
enc: |- | ||
-----BEGIN PGP MESSAGE----- | ||
wcFMA82rPM2mSf/aARAAon72nRRf9II/gY+zdEH4IyqIHOiCG4H8jLt2dm2CkfOV | ||
q/kiZoL5KUL+L+bGbOOiqenBZI5w4U6Vva4ap8/UKbaLqK3yDVBd/WafJf58BUlq | ||
u76cNhxn9rcTcHzJ22/bKEbGO0KbVdx7ibQ85OBvzF1cdrqr1cxr+nblff81gQ41 | ||
H6OvNUCneQYI4Bq9OYfOnesLC6cYunk+eFHiNGmcAbT7gpF+RD3DsyBLGPFCFm+a | ||
CMOkCaXRNKrQdf7lCJi1jiuTOoJwER5CdYnEPNoojQCVGDqtKPHgggC81fc8rqme | ||
Y09Zh9X6wWiJdbOVXZDCATzF5it+tqNz8ZSq9kNdpaOXXMOoYXBpP0Jamt4rMQbn | ||
MqDsy4HEpL6u7D+IEe3+lArXLRAeJ6KhMnQM9MjWjQwZ2l6Gcy914j3y1ItGguBc | ||
Ohd2y0PynT3F2jzxhQhlQ4D5wYQM31jpiE6x0acsTbDFYHAYn7dRprH9BYY3Dgh1 | ||
V9EQIYdWowl9pUBEQzsJ+dAOVjTtUv+O/UQJCuow0/66n44dZ4UEycU0+lLqrRiE | ||
CLnxDMtXdimm5/SEOHHLjaR8q4rve9WfGujV1iQZPEuK73kVaa3TbsQtc19FwhGq | ||
YxLJuRqyZ2eM82Fq92ibCjT6xpUSz3fFyZJSSI2nTIGtKLXOYoArSrOAOTzdun/S | ||
4AHkwZABmgQMa+15cThhPISJ9+HuNuBK4OrhQvDgz+JihNuC4MHlhlKev/A2BFYi | ||
YwFEvbPkyGNjZNCiV+tWGtf4KL4skSTg8eTgOFfu1Jr2Q3lYtRa/Zl/a4mFUGMTh | ||
5G0A | ||
=oGHl | ||
-----END PGP MESSAGE----- | ||
fp: 6B61ECD76088748C70590D55E90A401336C8AAA9 | ||
- created_at: '2020-05-27T02:00:39Z' | ||
enc: | | ||
-----BEGIN PGP MESSAGE----- | ||
hQIMA6dhVUuTLV7oAQ/6AoEKc0aiAC16FTJEQVpsi5Y6ffxey6zKRJeyx/6480DF | ||
Bkg2tfoT8bEDTNYi6EqPPM4Vef3tgoR+3KMlML6Mt1y77N5Knni93RSaCyeSKaa6 | ||
1AZaLtLc6a6UF/qLJJ5ISniRdiSmJAQFttARu6h35IJrZlfNEi8rvnlP7AZObc2d | ||
qjKcSqNI0S3jvHam61xys93mmvQbTpGP+PE++1qlt53231KH/RrgNhPMFQij6d52 | ||
Pfxicu9D+x7fcIkDVHIbh3ycQOTzKzi1zJQpzo0vIRK7zVMOGNBL4V3jlxN+JTFa | ||
xDSTW+E46BnmG1kwVGsawkakDt4W1MOGzT3Nd1b4X6QuEEOvqVGAOaYoYatAk2D5 | ||
qy3ov3jq36z5Nc1+Zm6hMq+KnSSSOez5YDxx89b3eMuAb10Z1IcJ3Owr/zeXDdzJ | ||
tX3gRWL/Mq9StJMhaXd1gH5Ba7ZH/P+USk68uny1erIUG3oFxa0quwW5VycYWDQf | ||
aVJuhwX9XxPvAnUz/BGGt+r6rpFNPtmb0hDYk+TIYElXRHi9jQxYiOeBXhq87iBF | ||
U1Jv/tsXZMKnAK0l/xZrwihAa3ZZ5jp0djZ5Btff/0afbz44vAjhmagWRaNNdHdr | ||
elITYEoqnG/XIEtSXu3VBM9ArAU2h+H2IpslohkaDE7WqCsLvNtIRyiG5a6wJjvS | ||
XgFCmA5J+bqcFs+EEncWcvRepym+pgVzp2z1e2ZPrSYXeJYw/L+KkSSCb+48F5eE | ||
bJHG57xw6Krtfb1T6kFErfmiCDjgaJJ0mJUJozfFYsxL+/AlTjKf+oA+qkHh7qw= | ||
=SkM7 | ||
-----END PGP MESSAGE----- | ||
fp: FC2255B7BBC7EABD4EFAFA1068907D8BCCD85A5A | ||
- created_at: '2020-05-27T02:00:39Z' | ||
enc: | | ||
-----BEGIN PGP MESSAGE----- | ||
hQIMA8KRInHl7Vz+AQ/+NzGqUvMLyF9GPB5zfJDLRcNe0DPdj3rEoszXcl0LBxBY | ||
27wekbYkiF/pS8+EqIzgfaVRNAx5IOQvotSomATXgZ10FiLSYksmka1wI6xKUqRf | ||
Gygnevg5MykUa03RhTVlEmKew4GdObN8bmMmGiqSYgnMeLCYlfuUnCixg/g5jmer | ||
kZ+QWrvfoHnqiV5WI7cySXh3+Q8Ndyj3YjhIvw6H3Pc+RaCQ8WQ/H7AQjGpJPNrZ | ||
iLriNeKlNNJYfPM7FZCi/PAhmmVS8m+AyFuHTe9rP8RMLCMCxqKzRZGteUi+XIjV | ||
Z3gSsHXe5WWoyAgi0ox8B1bs6qP5jHZoN8/hrdtZqXBt90FTp5UyxM/cwd7oUYok | ||
Y8Ep/innfyrxjxE/ND07v29LhFnFpZJMm0Orgze4gAiTy6S/Urnt6TW3OJvJPWjK | ||
sjyaGECL3efgcGXeSfJxmsErtR2QtHB1oeIYlMetyGfS5Oego0Vo9KZ8uPu/TB5W | ||
XqtbWJpxXpxrCj8kIDec1P3AhBYAohZfmPw10nqWOLcQwJEZWrj80Lr8HNH8AjBj | ||
1dMGC0nPUlT4hsiXav3ZA4ecy8kY3B6VFcXufWm9MreOS+QFW+g4s3Gvr0aQEzbg | ||
//Q7DKvfPmDtWQf62tqX6yYA2KS7GkX8jH7tHKUsPYSOIt7/7z0JXvRB1BU2uHDS | ||
XgHL9LbfoxLCWIqyQsRpX3UVpMCg44RqIOmJDRwnV22g97YATblk8AwgqaIiJk9O | ||
lJcRfr25f5Q9cXxU4LPbR6h7LRJsrNKquxtefdkz0SoRUQjE40xR00NJ7htQB5E= | ||
=n94p | ||
-----END PGP MESSAGE----- | ||
fp: C92FE5A3FBD58DD3EC5AA26BB10116B8193F2DBD | ||
encrypted_regex: ^(data|stringData)$ | ||
version: 3.5.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
apiVersion: cert-manager.io/v1alpha2 | ||
kind: Certificate | ||
metadata: | ||
namespace: mail | ||
name: mail.hashbang.sh | ||
spec: | ||
secretName: mail-certs | ||
dnsNames: | ||
- mail.hashbang.sh | ||
issuerRef: | ||
name: letsencrypt-prod | ||
kind: ClusterIssuer |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) | ||
biff = no | ||
|
||
# appending .domain is the MUA's job. | ||
append_dot_mydomain = no | ||
|
||
# Uncomment the next line to generate "delayed mail" warnings | ||
#delay_warning_time = 4h | ||
|
||
readme_directory = no | ||
|
||
# TLS parameters | ||
smtpd_tls_cert_file = /etc/postfix/certs/server.crt | ||
smtpd_tls_key_file = /etc/postfix/certs/server.key | ||
smtpd_use_tls=yes | ||
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache | ||
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache | ||
# smtpd_tls_CAfile = /etc/postfix/certs/cacert.pem | ||
smtpd_tls_security_level = may | ||
smtpd_tls_auth_only = no | ||
smtpd_tls_loglevel = 1 | ||
smtpd_tls_received_header = yes | ||
smtpd_tls_session_cache_timeout = 3600s | ||
smtp_tls_security_level = dane | ||
smtp_tls_note_starttls_offer = yes | ||
smtp_dns_support_level = dnssec | ||
|
||
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for | ||
# information on enabling SSL in the smtp client. | ||
|
||
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination | ||
|
||
myhostname = mail.hashbang.sh | ||
relay_domains = hashbang.sh | ||
mydestination = mail.hashbang.sh, hashbang.sh, localhost.hashbang.sh, localhost | ||
mynetworks = 127.0.0.0/8 46.4.114.111 | ||
relayhost = | ||
alias_maps = hash:/etc/aliases | ||
alias_database = hash:/etc/aliases | ||
myorigin = $mydomain | ||
mailbox_size_limit = 0 | ||
recipient_delimiter = + | ||
inet_interfaces = all | ||
|
||
virtual_alias_maps = pgsql:/etc/postfix/userdb-aliases.cf | ||
|
||
message_size_limit = 52428800 | ||
|
||
compatibility_level = 2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
domain = hashbang.sh | ||
hosts = postgresql://mail:userdb-mail-lookup@userdb-attempt-too-do-user-989073-0.db.ondigitalocean.com:25060/userdb?sslmode=require | ||
dbname = userdb | ||
query = select name || '@' || host from passwd where name = '%u' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
apiVersion: kustomize.config.k8s.io/v1beta1 | ||
kind: Kustomization | ||
namespace: mail | ||
resources: | ||
- namespace.yaml | ||
- resources.yaml | ||
- certificate.yaml | ||
configMapGenerator: | ||
- name: mail-config | ||
options: | ||
disableNameSuffixHash: true | ||
files: | ||
- files/main.cf | ||
- files/userdb-aliases.cf | ||
generators: | ||
- secret-generator.yaml | ||
images: | ||
- name: hashbang/postfix | ||
digest: sha256:1c9491593e383b95cde6c75a82abcfe2e12e4a26b1656abeaac0bf1f8209b9ee | ||
- name: alpine | ||
newTag: alpine:3.12.0 | ||
digest: sha256:a15790640a6690aa1730c38cf0a440e2aa44aaca9b0e8931a9f2b0d7cc90fd65 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
apiVersion: v1 | ||
kind: Namespace | ||
metadata: | ||
name: mail |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,109 @@ | ||
apiVersion: apps/v1 | ||
kind: Deployment | ||
metadata: | ||
name: mail | ||
spec: | ||
selector: | ||
matchLabels: | ||
app: mail | ||
template: | ||
metadata: | ||
labels: | ||
app: mail | ||
spec: | ||
shareProcessNamespace: true | ||
containers: | ||
- name: postfix | ||
image: hashbang/postfix | ||
ports: | ||
- containerPort: 25 | ||
name: smtp | ||
readinessProbe: | ||
tcpSocket: | ||
port: 25 | ||
livenessProbe: | ||
tcpSocket: | ||
port: 25 | ||
volumeMounts: | ||
- mountPath: /etc/postfix | ||
name: mail-config | ||
readOnly: true | ||
- mountPath: /etc/postfix/aliases | ||
name: mail-aliases | ||
subPath: aliases | ||
readOnly: true | ||
- mountPath: /etc/tls | ||
name: mail-certs | ||
readOnly: true | ||
- mountPath: /var/spool/postfix | ||
name: mail-spool | ||
- name: config-reloader | ||
# image includes busybox's inotifyd + pkill | ||
image: alpine | ||
command: ["/bin/sh"] | ||
args: | ||
- "-c" | ||
- | | ||
echo "Watching /etc/postfix"; | ||
inotifyd - /etc/postfix/:wMymndox /etc/postfix/aliases:wMymndox /etc/postfix/tls/:wMymndox | while read -r notifies ; do | ||
echo "notify received: $notifies"; | ||
echo "running newaliases"; | ||
newaliases; | ||
echo "sending SIGHUP"; | ||
pkill -HUP master; | ||
done | ||
echo "Exiting."; | ||
volumeMounts: | ||
- mountPath: /etc/postfix | ||
name: mail-config | ||
readOnly: true | ||
- mountPath: /etc/postfix/aliases | ||
name: mail-aliases | ||
subPath: aliases | ||
readOnly: true | ||
- mountPath: /etc/tls | ||
name: mail-certs | ||
readOnly: true | ||
volumes: | ||
- name: mail-config | ||
configMap: | ||
name: mail-config | ||
- name: mail-aliases | ||
secret: | ||
secretName: mail-aliases | ||
- name: mail-certs | ||
secret: | ||
secretName: mail-certs | ||
- name: mail-spool | ||
persistentVolumeClaim: | ||
claimName: mail-spool | ||
--- | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
name: mail | ||
labels: | ||
app: mail | ||
annotations: | ||
external-dns.alpha.kubernetes.io/hostname: "mail.hashbang.sh" | ||
spec: | ||
type: NodePort | ||
ports: | ||
- name: smtp | ||
port: 25 | ||
targetPort: 25 | ||
selector: | ||
app: mail | ||
--- | ||
apiVersion: v1 | ||
kind: PersistentVolumeClaim | ||
metadata: | ||
name: mail-spool | ||
labels: | ||
app: mail | ||
spec: | ||
accessModes: | ||
- ReadWriteOnce | ||
resources: | ||
requests: | ||
storage: 1Gi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
apiVersion: viaduct.ai/v1 | ||
kind: ksops | ||
metadata: | ||
name: mail-secrets | ||
files: | ||
- ./aliases.enc.yaml |