roundcube: controllers: main: type: deployment replicas: 1 strategy: Recreate revisionHistoryLimit: 3 containers: main: image: repository: roundcube/roundcubemail tag: 1.6.11-fpm-alpine pullPolicy: IfNotPresent env: - name: ROUNDCUBEMAIL_DB_TYPE value: pgsql - name: ROUNDCUBEMAIL_DB_HOST valueFrom: secretKeyRef: name: roundcube-postgresql-17-cluster-app key: host - name: ROUNDCUBEMAIL_DB_NAME valueFrom: secretKeyRef: name: roundcube-postgresql-17-cluster-app key: dbname - name: ROUNDCUBEMAIL_DB_USER valueFrom: secretKeyRef: name: roundcube-postgresql-17-cluster-app key: user - name: ROUNDCUBEMAIL_DB_PASSWORD valueFrom: secretKeyRef: name: roundcube-postgresql-17-cluster-app key: password - name: ROUNDCUBEMAIL_DES_KEY valueFrom: secretKeyRef: name: roundcube-key-secret key: DES_KEY - name: ROUNDCUBEMAIL_DEFAULT_HOST value: stalwart.stalwart - name: ROUNDCUBEMAIL_DEFAULT_PORT value: 143 - name: ROUNDCUBEMAIL_SMTP_SERVER value: stalwart.stalwart - name: ROUNDCUBEMAIL_SMTP_PORT value: 25 - name: ROUNDCUBEMAIL_SKIN value: elastic - name: ROUNDCUBEMAIL_PLUGINS value: archive,zipdownload,newmail_notifier resources: requests: cpu: 10m memory: 256Mi nginx: image: repository: nginx tag: 1.29.0-alpine pullPolicy: IfNotPresent env: - name: NGINX_HOST value: mail.alexlebens.net - name: NGINX_PHP_CGI value: roundcube.roundcube:9000 resources: requests: cpu: 10m memory: 128Mi cleandb: type: cronjob cronjob: suspend: false concurrencyPolicy: Forbid timeZone: US/Central schedule: 30 4 * * * startingDeadlineSeconds: 90 successfulJobsHistory: 3 failedJobsHistory: 3 backoffLimit: 3 parallelism: 1 containers: backup: image: repository: roundcube/roundcubemail tag: 1.6.11-fpm-alpine pullPolicy: IfNotPresent env: - name: ROUNDCUBEMAIL_DB_TYPE value: pgsql - name: ROUNDCUBEMAIL_DB_HOST valueFrom: secretKeyRef: name: roundcube-postgresql-17-cluster-app key: host - name: ROUNDCUBEMAIL_DB_NAME valueFrom: secretKeyRef: name: roundcube-postgresql-17-cluster-app key: dbname - name: ROUNDCUBEMAIL_DB_USER valueFrom: secretKeyRef: name: roundcube-postgresql-17-cluster-app key: user - name: ROUNDCUBEMAIL_DB_PASSWORD valueFrom: secretKeyRef: name: roundcube-postgresql-17-cluster-app key: password - name: ROUNDCUBEMAIL_DES_KEY valueFrom: secretKeyRef: name: roundcube-key-secret key: DES_KEY - name: ROUNDCUBEMAIL_DEFAULT_HOST value: tls://stalwart.stalwart - name: ROUNDCUBEMAIL_SMTP_SERVER value: tls://stalwart.stalwart - name: ROUNDCUBEMAIL_SKIN value: elastic - name: ROUNDCUBEMAIL_PLUGINS value: archive,zipdownload,newmail_notifier args: - bin/cleandb.sh resources: requests: cpu: 100m memory: 128Mi configMaps: config: enabled: true data: default.conf: | server { listen 80 default_server; server_name _; root /var/www/html; location / { try_files $uri /index.php$is_args$args; } location ~ \.php(/|$) { try_files $uri =404; fastcgi_pass roundcube:9000; fastcgi_read_timeout 300; proxy_read_timeout 300; fastcgi_split_path_info ^(.+\.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; fastcgi_param DOCUMENT_ROOT $realpath_root; internal; } client_max_body_size 6m; error_log /var/log/nginx/error.log; access_log /var/log/nginx/access.log; } service: main: controller: main ports: mail: port: 9000 targetPort: 9000 protocol: HTTP web: port: 80 targetPort: 80 protocol: HTTP persistence: data: forceRename: roundcube-data storageClass: ceph-block accessMode: ReadWriteOnce size: 5Gi retain: true advancedMounts: main: main: - path: /var/www/html readOnly: false nginx: - path: /var/www/html readOnly: false temp: type: emptyDir advancedMounts: main: main: - path: /tmp/roundcube-temp readOnly: false config: enabled: true type: configMap name: roundcube-config advancedMounts: main: nginx: - path: /etc/nginx/conf.d/default.conf readOnly: true mountPropagation: None subPath: default.conf postgres-17-cluster: mode: standalone cluster: storage: storageClass: local-path walStorage: storageClass: local-path monitoring: enabled: true prometheusRule: enabled: true recovery: method: objectStore objectStore: endpointURL: https://nyc3.digitaloceanspaces.com destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/roundcube/roundcube-postgresql-17-cluster endpointCredentials: roundcube-postgresql-17-cluster-backup-secret recoveryIndex: 2 backup: enabled: true endpointURL: https://nyc3.digitaloceanspaces.com destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/roundcube/roundcube-postgresql-17-cluster endpointCredentials: roundcube-postgresql-17-cluster-backup-secret backupIndex: 2 retentionPolicy: "7d"