249 lines
		
	
	
		
			7.3 KiB
		
	
	
	
		
			YAML
		
	
	
	
	
	
			
		
		
	
	
			249 lines
		
	
	
		
			7.3 KiB
		
	
	
	
		
			YAML
		
	
	
	
	
	
| roundcube:
 | |
|   controllers:
 | |
|     main:
 | |
|       type: deployment
 | |
|       replicas: 1
 | |
|       strategy: Recreate
 | |
|       revisionHistoryLimit: 3
 | |
|       containers:
 | |
|         main:
 | |
|           image:
 | |
|             repository: roundcube/roundcubemail
 | |
|             tag: 1.6.11-fpm-alpine
 | |
|             pullPolicy: IfNotPresent
 | |
|           env:
 | |
|             - name: ROUNDCUBEMAIL_DB_TYPE
 | |
|               value: pgsql
 | |
|             - name: ROUNDCUBEMAIL_DB_HOST
 | |
|               valueFrom:
 | |
|                 secretKeyRef:
 | |
|                   name: roundcube-postgresql-17-cluster-app
 | |
|                   key: host
 | |
|             - name: ROUNDCUBEMAIL_DB_NAME
 | |
|               valueFrom:
 | |
|                 secretKeyRef:
 | |
|                   name: roundcube-postgresql-17-cluster-app
 | |
|                   key: dbname
 | |
|             - name: ROUNDCUBEMAIL_DB_USER
 | |
|               valueFrom:
 | |
|                 secretKeyRef:
 | |
|                   name: roundcube-postgresql-17-cluster-app
 | |
|                   key: user
 | |
|             - name: ROUNDCUBEMAIL_DB_PASSWORD
 | |
|               valueFrom:
 | |
|                 secretKeyRef:
 | |
|                   name: roundcube-postgresql-17-cluster-app
 | |
|                   key: password
 | |
|             - name: ROUNDCUBEMAIL_DES_KEY
 | |
|               valueFrom:
 | |
|                 secretKeyRef:
 | |
|                   name: roundcube-key-secret
 | |
|                   key: DES_KEY
 | |
|             - name: ROUNDCUBEMAIL_DEFAULT_HOST
 | |
|               value: stalwart.stalwart
 | |
|             - name: ROUNDCUBEMAIL_DEFAULT_PORT
 | |
|               value: 143
 | |
|             - name: ROUNDCUBEMAIL_SMTP_SERVER
 | |
|               value: stalwart.stalwart
 | |
|             - name: ROUNDCUBEMAIL_SMTP_PORT
 | |
|               value: 25
 | |
|             - name: ROUNDCUBEMAIL_SKIN
 | |
|               value: elastic
 | |
|             - name: ROUNDCUBEMAIL_PLUGINS
 | |
|               value: archive,zipdownload,newmail_notifier
 | |
|           resources:
 | |
|             requests:
 | |
|               cpu: 10m
 | |
|               memory: 256Mi
 | |
|         nginx:
 | |
|           image:
 | |
|             repository: nginx
 | |
|             tag: 1.29.2-alpine
 | |
|             pullPolicy: IfNotPresent
 | |
|           env:
 | |
|             - name: NGINX_HOST
 | |
|               value: mail.alexlebens.net
 | |
|             - name: NGINX_PHP_CGI
 | |
|               value: roundcube.roundcube:9000
 | |
|           resources:
 | |
|             requests:
 | |
|               cpu: 10m
 | |
|               memory: 128Mi
 | |
|     cleandb:
 | |
|       type: cronjob
 | |
|       cronjob:
 | |
|         suspend: false
 | |
|         concurrencyPolicy: Forbid
 | |
|         timeZone: US/Central
 | |
|         schedule: 30 4 * * *
 | |
|         startingDeadlineSeconds: 90
 | |
|         successfulJobsHistory: 3
 | |
|         failedJobsHistory: 3
 | |
|         backoffLimit: 3
 | |
|         parallelism: 1
 | |
|       containers:
 | |
|         backup:
 | |
|           image:
 | |
|             repository: roundcube/roundcubemail
 | |
|             tag: 1.6.11-fpm-alpine
 | |
|             pullPolicy: IfNotPresent
 | |
|           env:
 | |
|             - name: ROUNDCUBEMAIL_DB_TYPE
 | |
|               value: pgsql
 | |
|             - name: ROUNDCUBEMAIL_DB_HOST
 | |
|               valueFrom:
 | |
|                 secretKeyRef:
 | |
|                   name: roundcube-postgresql-17-cluster-app
 | |
|                   key: host
 | |
|             - name: ROUNDCUBEMAIL_DB_NAME
 | |
|               valueFrom:
 | |
|                 secretKeyRef:
 | |
|                   name: roundcube-postgresql-17-cluster-app
 | |
|                   key: dbname
 | |
|             - name: ROUNDCUBEMAIL_DB_USER
 | |
|               valueFrom:
 | |
|                 secretKeyRef:
 | |
|                   name: roundcube-postgresql-17-cluster-app
 | |
|                   key: user
 | |
|             - name: ROUNDCUBEMAIL_DB_PASSWORD
 | |
|               valueFrom:
 | |
|                 secretKeyRef:
 | |
|                   name: roundcube-postgresql-17-cluster-app
 | |
|                   key: password
 | |
|             - name: ROUNDCUBEMAIL_DES_KEY
 | |
|               valueFrom:
 | |
|                 secretKeyRef:
 | |
|                   name: roundcube-key-secret
 | |
|                   key: DES_KEY
 | |
|             - name: ROUNDCUBEMAIL_DEFAULT_HOST
 | |
|               value: tls://stalwart.stalwart
 | |
|             - name: ROUNDCUBEMAIL_SMTP_SERVER
 | |
|               value: tls://stalwart.stalwart
 | |
|             - name: ROUNDCUBEMAIL_SKIN
 | |
|               value: elastic
 | |
|             - name: ROUNDCUBEMAIL_PLUGINS
 | |
|               value: archive,zipdownload,newmail_notifier
 | |
|           args:
 | |
|             - bin/cleandb.sh
 | |
|           resources:
 | |
|             requests:
 | |
|               cpu: 100m
 | |
|               memory: 128Mi
 | |
|   configMaps:
 | |
|     config:
 | |
|       enabled: true
 | |
|       data:
 | |
|         default.conf: |
 | |
|           server {
 | |
|               listen 80 default_server;
 | |
|               server_name _;
 | |
|               root /var/www/html;
 | |
| 
 | |
|               location / {
 | |
|                   try_files $uri /index.php$is_args$args;
 | |
|               }
 | |
| 
 | |
|               location ~ \.php(/|$) {
 | |
|                   try_files $uri =404;
 | |
|                   fastcgi_pass roundcube:9000;
 | |
|                   fastcgi_read_timeout 300;
 | |
|                   proxy_read_timeout 300;
 | |
|                   fastcgi_split_path_info ^(.+\.php)(/.*)$;
 | |
|                   include fastcgi_params;
 | |
|                   fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
 | |
|                   fastcgi_param DOCUMENT_ROOT $realpath_root;
 | |
|                   internal;
 | |
|               }
 | |
| 
 | |
|               client_max_body_size 6m;
 | |
| 
 | |
|               error_log  /var/log/nginx/error.log;
 | |
|               access_log /var/log/nginx/access.log;
 | |
|           }
 | |
|   service:
 | |
|     main:
 | |
|       controller: main
 | |
|       ports:
 | |
|         mail:
 | |
|           port: 9000
 | |
|           targetPort: 9000
 | |
|           protocol: HTTP
 | |
|         web:
 | |
|           port: 80
 | |
|           targetPort: 80
 | |
|           protocol: HTTP
 | |
|   persistence:
 | |
|     data:
 | |
|       forceRename: roundcube-data
 | |
|       storageClass: ceph-block
 | |
|       accessMode: ReadWriteOnce
 | |
|       size: 5Gi
 | |
|       retain: true
 | |
|       advancedMounts:
 | |
|         main:
 | |
|           main:
 | |
|             - path: /var/www/html
 | |
|               readOnly: false
 | |
|           nginx:
 | |
|             - path: /var/www/html
 | |
|               readOnly: false
 | |
|     temp:
 | |
|       type: emptyDir
 | |
|       advancedMounts:
 | |
|         main:
 | |
|           main:
 | |
|             - path: /tmp/roundcube-temp
 | |
|               readOnly: false
 | |
|     config:
 | |
|       enabled: true
 | |
|       type: configMap
 | |
|       name: roundcube-config
 | |
|       advancedMounts:
 | |
|         main:
 | |
|           nginx:
 | |
|             - path: /etc/nginx/conf.d/default.conf
 | |
|               readOnly: true
 | |
|               mountPropagation: None
 | |
|               subPath: default.conf
 | |
| postgres-17-cluster:
 | |
|   mode: recovery
 | |
|   cluster:
 | |
|     storage:
 | |
|       storageClass: local-path
 | |
|     walStorage:
 | |
|       storageClass: local-path
 | |
|     monitoring:
 | |
|       enabled: true
 | |
|       prometheusRule:
 | |
|         enabled: true
 | |
|   recovery:
 | |
|     method: objectStore
 | |
|     objectStore:
 | |
|       destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/roundcube/roundcube-postgresql-17-cluster
 | |
|       index: 2
 | |
|   backup:
 | |
|     objectStore:
 | |
|       - name: external
 | |
|         destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/roundcube/roundcube-postgresql-17-cluster
 | |
|         index: 2
 | |
|         retentionPolicy: "2d"
 | |
|       - name: garage
 | |
|         destinationPath: s3://postgres-backups/cl01tl/roundcube/roundcube-postgresql-17-cluster
 | |
|         index: 1
 | |
|         endpointURL: https://garage-ps10rp.boreal-beaufort.ts.net:3900
 | |
|         endpointCredentials: roundcube-postgresql-17-cluster-backup-secret-weekly
 | |
|         retentionPolicy: "30d"
 | |
|         isWALArchiver: false
 | |
|         data:
 | |
|           compression: bzip2
 | |
|           jobs: 2
 | |
|     scheduledBackups:
 | |
|       - name: daily-backup
 | |
|         suspend: false
 | |
|         schedule: "0 0 0 * * *"
 | |
|         backupName: external
 | |
|       - name: weekly-backup
 | |
|         suspend: false
 | |
|         schedule: "0 24 4 * * SAT"
 | |
|         backupName: garage
 |