Merge branch 'main' of ssh://git.maketank.net:2222/chaos/podman

mail.pod.yaml

@@ -0,0 +1,160 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: postfix-config
+data:
+  main.cf: |
+    myhostname = mail.chaos
+    alias_maps = hash:/etc/postfix/aliases
+    alias_database = $alias_maps
+    mydestination = localhost, mail.chaos, chaos, localhost.localdomain, localhost
+    relayhost =
+    mynetworks = 172.17.0.0/16, 192.168.0.0/16, 10.0.0.0/8, 127.0.0.0/8
+    mailbox_size_limit = 0
+    recipient_delimiter = +
+    inet_interfaces = all
+    home_mailbox = Maildir/
+    # Redirect Postfix logs to stdout and stderr
+    syslog_name = postfix
+    maillog_file = /dev/stdout
+
+    # Dovecot LMTP configuration for receiving mail
+    virtual_transport = lmtp:localhost:24
+    smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
+
+    # Authentication using Dovecot SASL
+    broken_sasl_auth_clients = yes
+    smtpd_sasl_auth_enable = yes
+    smtpd_sasl_type = dovecot
+    smtpd_sasl_path = private/auth
+    smtpd_sasl_security_options = noanonymous
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: dovecot-config
+data:
+  10-master.conf: |
+    service imap-login {
+      inet_listener imap {
+        address = *
+        port = 143
+      }
+    }
+
+    service lmtp {
+      unix_listener /var/spool/postfix/private/auth {
+        mode = 0660
+        user = postfix
+        group = postfix
+      }
+
+      unix_listener lmtp {
+        mode = 0600
+        user = vmail
+        group = vmail
+      }
+    }
+
+    service auth {
+      unix_listener /var/spool/postfix/private/auth {
+        mode = 0660
+        user = postfix
+        group = postfix
+      }
+
+      # Authentication via PAM
+      unix_listener auth-userdb {
+        mode = 0666
+        user = vmail
+        group = vmail
+      }
+    }
+    
+    service auth-worker {
+      # No additional settings required for worker processes
+    }
+
+  10-auth.conf: |
+    disable_plaintext_auth = no
+
+    auth_mechanisms = plain login
+
+    passdb {
+      driver = pam
+      args = /etc/pam.d/dovecot
+    }
+
+    userdb {
+      driver = passwd-file
+      args = /etc/dovecot/users
+    }
+  
+  10-mail.conf: |
+    mail_location = maildir:/var/mail/%d/%n/Maildir
+
+    first_valid_uid = 5000
+    last_valid_uid = 5999
+
+    first_valid_gid = 5000
+    last_valid_gid = 5999
+    # Redirect Dovecot logs to stdout and stderr
+    log_path = /dev/stdout
+
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: mail-storage
+spec:
+  accessModes:
+    - ReadWriteMany
+  resources:
+    requests:
+      storage: 10Gi
+
+---
+apiVersion: v1
+kind: Pod
+metadata:
+  name: mail-pod
+spec:
+  containers:
+  - name: postfix
+    image: docker.io/mailcow/postfix
+    ports:
+    - containerPort: 25
+      hostPort: 2525
+    volumeMounts:
+    - mountPath: /etc/postfix
+      name: config-volume
+    - mountPath: /var/mail
+      name: mail-storage-pvc
+    # Redirect Postfix logs to stdout and stderr
+    command: ["sh", "-c"]
+    args: ["/usr/sbin/postfix start-fg >>/dev/stdout 2>>/dev/stderr & tail -f /dev/null"]
+
+  - name: dovecot
+    image: docker.io/dovecot/dovecot
+    ports:
+    - containerPort: 143
+      hostPort: 14343
+    volumeMounts:
+    - mountPath: /etc/dovecot/conf.d
+      name: config-volume
+    - mountPath: /var/mail
+      name: mail-storage-pvc
+    # Redirect Dovecot logs to stdout and stderr
+    command: ["sh", "-c"]
+    args: ["/usr/sbin/dovecot >>/dev/stdout 2>>/dev/stderr & tail -f /dev/null"]
+
+  volumes:
+  - name: config-volume
+    configMap:
+      name: dovecot-config
+
+  - name: mail-storage-pvc
+    persistentVolumeClaim:
+      claimName: mail-storage
+