roundcube: controllers: main: type: deployment replicas: 1 strategy: Recreate revisionHistoryLimit: 3 containers: main: image: repository: roundcube/roundcubemail tag: 1.6.12-fpm-alpine pullPolicy: IfNotPresent env: - name: ROUNDCUBEMAIL_DB_TYPE value: pgsql - name: ROUNDCUBEMAIL_DB_HOST valueFrom: secretKeyRef: name: roundcube-postgresql-18-cluster-app key: host - name: ROUNDCUBEMAIL_DB_NAME valueFrom: secretKeyRef: name: roundcube-postgresql-18-cluster-app key: dbname - name: ROUNDCUBEMAIL_DB_USER valueFrom: secretKeyRef: name: roundcube-postgresql-18-cluster-app key: user - name: ROUNDCUBEMAIL_DB_PASSWORD valueFrom: secretKeyRef: name: roundcube-postgresql-18-cluster-app key: password - name: ROUNDCUBEMAIL_DES_KEY valueFrom: secretKeyRef: name: roundcube-key-secret key: DES_KEY - name: ROUNDCUBEMAIL_DEFAULT_HOST value: stalwart.stalwart - name: ROUNDCUBEMAIL_DEFAULT_PORT value: 143 - name: ROUNDCUBEMAIL_SMTP_SERVER value: stalwart.stalwart - name: ROUNDCUBEMAIL_SMTP_PORT value: 25 - name: ROUNDCUBEMAIL_SKIN value: elastic - name: ROUNDCUBEMAIL_PLUGINS value: archive,zipdownload,newmail_notifier resources: requests: cpu: 10m memory: 256Mi nginx: image: repository: nginx tag: 1.29.4-alpine pullPolicy: IfNotPresent env: - name: NGINX_HOST value: mail.alexlebens.net - name: NGINX_PHP_CGI value: roundcube.roundcube:9000 resources: requests: cpu: 10m memory: 128Mi cleandb: type: cronjob cronjob: suspend: false concurrencyPolicy: Forbid timeZone: US/Central schedule: 30 4 * * * startingDeadlineSeconds: 90 successfulJobsHistory: 1 failedJobsHistory: 1 backoffLimit: 3 parallelism: 1 containers: backup: image: repository: roundcube/roundcubemail tag: 1.6.12-fpm-alpine pullPolicy: IfNotPresent env: - name: ROUNDCUBEMAIL_DB_TYPE value: pgsql - name: ROUNDCUBEMAIL_DB_HOST valueFrom: secretKeyRef: name: roundcube-postgresql-18-cluster-app key: host - name: ROUNDCUBEMAIL_DB_NAME valueFrom: secretKeyRef: name: roundcube-postgresql-18-cluster-app key: dbname - name: ROUNDCUBEMAIL_DB_USER valueFrom: secretKeyRef: name: roundcube-postgresql-18-cluster-app key: user - name: ROUNDCUBEMAIL_DB_PASSWORD valueFrom: secretKeyRef: name: roundcube-postgresql-18-cluster-app key: password - name: ROUNDCUBEMAIL_DES_KEY valueFrom: secretKeyRef: name: roundcube-key-secret key: DES_KEY - name: ROUNDCUBEMAIL_DEFAULT_HOST value: tls://stalwart.stalwart - name: ROUNDCUBEMAIL_SMTP_SERVER value: tls://stalwart.stalwart - name: ROUNDCUBEMAIL_SKIN value: elastic - name: ROUNDCUBEMAIL_PLUGINS value: archive,zipdownload,newmail_notifier args: - bin/cleandb.sh resources: requests: cpu: 100m memory: 128Mi configMaps: config: enabled: true data: default.conf: | server { listen 80 default_server; server_name _; root /var/www/html; location / { try_files $uri /index.php$is_args$args; } location ~ \.php(/|$) { try_files $uri =404; fastcgi_pass roundcube:9000; fastcgi_read_timeout 300; proxy_read_timeout 300; fastcgi_split_path_info ^(.+\.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; fastcgi_param DOCUMENT_ROOT $realpath_root; internal; } client_max_body_size 6m; error_log /var/log/nginx/error.log; access_log /var/log/nginx/access.log; } service: main: controller: main ports: mail: port: 9000 targetPort: 9000 protocol: HTTP web: port: 80 targetPort: 80 protocol: HTTP route: main: kind: HTTPRoute parentRefs: - group: gateway.networking.k8s.io kind: Gateway name: traefik-gateway namespace: traefik hostnames: - mail.alexlebens.net rules: - backendRefs: - group: '' kind: Service name: roundcube port: 80 weight: 100 matches: - path: type: PathPrefix value: / persistence: config: enabled: true type: configMap name: roundcube-config advancedMounts: main: nginx: - path: /etc/nginx/conf.d/default.conf readOnly: true mountPropagation: None subPath: default.conf data: forceRename: roundcube-data storageClass: ceph-block accessMode: ReadWriteOnce size: 5Gi retain: true advancedMounts: main: main: - path: /var/www/html readOnly: false nginx: - path: /var/www/html readOnly: false temp: type: emptyDir advancedMounts: main: main: - path: /tmp/roundcube-temp readOnly: false postgres-18-cluster: mode: recovery recovery: method: objectStore objectStore: index: 1 backup: objectStore: - name: garage-local index: 1 destinationBucket: postgres-backups externalSecretCredentialPath: /garage/home-infra/postgres-backups isWALArchiver: true # - name: garage-remote # index: 1 # destinationBucket: postgres-backups # externalSecretCredentialPath: /garage/home-infra/postgres-backups # retentionPolicy: "90d" # data: # compression: bzip2 # - name: external # index: 1 # endpointURL: https://nyc3.digitaloceanspaces.com # destinationBucket: postgres-backups-ce540ddf106d186bbddca68a # externalSecretCredentialPath: /garage/home-infra/postgres-backups # isWALArchiver: false scheduledBackups: - name: live-backup suspend: false immediate: true schedule: "0 0 0 * * *" backupName: garage-local # - name: weekly-backup # suspend: true # immediate: true # schedule: "0 0 4 * * SAT" # backupName: garage-remote # - name: daily-backup # suspend: true # immediate: true # schedule: "0 0 0 * * *" # backupName: external volsync-target-data: pvcTarget: roundcube-data