feat: add traefik and ingress
This commit is contained in:
parent
45e9865212
commit
6060312074
11
README.md
11
README.md
@ -17,6 +17,13 @@ Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IM
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| image.repository | string | `"stalwartlabs/mail-server"` | |
|
||||
| image.tag | string | `""` | |
|
||||
| ingress.annotations | object | `{}` | |
|
||||
| ingress.className | string | `""` | |
|
||||
| ingress.enabled | bool | `false` | |
|
||||
| ingress.hosts[0].host | string | `"chart-example.local"` | |
|
||||
| ingress.hosts[0].paths[0].path | string | `"/"` | |
|
||||
| ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | |
|
||||
| ingress.tls | list | `[]` | |
|
||||
| persistence.accessMode | string | `"ReadWriteOnce"` | |
|
||||
| persistence.enabled | bool | `false` | |
|
||||
| persistence.existingClaim | string | `""` | |
|
||||
@ -33,6 +40,10 @@ Helm Chart for Stalwart Mail Server - Secure & Modern All-in-One Mail Server (IM
|
||||
| service.ports.smtps | int | `465` | |
|
||||
| service.ports.submission | int | `587` | |
|
||||
| service.type | string | `"NodePort"` | |
|
||||
| traefik.enabled | bool | `false` | |
|
||||
| traefik.ports.http | string | `"websecure"` | |
|
||||
| traefik.ports.imaps | string | `"imaps"` | |
|
||||
| traefik.ports.smtps | string | `"smtps"` | |
|
||||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs v1.13.1](https://github.com/norwoodj/helm-docs/releases/v1.13.1)
|
||||
|
61
templates/ingress.yaml
Normal file
61
templates/ingress.yaml
Normal file
@ -0,0 +1,61 @@
|
||||
{{- if .Values.ingress.enabled -}}
|
||||
{{- $fullName := include "stalwart-mail.fullname" . -}}
|
||||
{{- $svcPort := .Values.service.ports.http -}}
|
||||
{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
|
||||
{{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }}
|
||||
{{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
|
||||
apiVersion: networking.k8s.io/v1beta1
|
||||
{{- else -}}
|
||||
apiVersion: extensions/v1beta1
|
||||
{{- end }}
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ $fullName }}
|
||||
labels:
|
||||
{{- include "stalwart-mail.labels" . | nindent 4 }}
|
||||
{{- with .Values.ingress.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
|
||||
ingressClassName: {{ .Values.ingress.className }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingress.tls }}
|
||||
tls:
|
||||
{{- range .Values.ingress.tls }}
|
||||
- hosts:
|
||||
{{- range .hosts }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
secretName: {{ .secretName }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
rules:
|
||||
{{- range .Values.ingress.hosts }}
|
||||
- host: {{ .host | quote }}
|
||||
http:
|
||||
paths:
|
||||
{{- range .paths }}
|
||||
- path: {{ .path }}
|
||||
{{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }}
|
||||
pathType: {{ .pathType }}
|
||||
{{- end }}
|
||||
backend:
|
||||
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
|
||||
service:
|
||||
name: {{ $fullName }}
|
||||
port:
|
||||
number: {{ $svcPort }}
|
||||
{{- else }}
|
||||
serviceName: {{ $fullName }}
|
||||
servicePort: {{ $svcPort }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
21
templates/traefik.yaml
Normal file
21
templates/traefik.yaml
Normal file
@ -0,0 +1,21 @@
|
||||
{{- if .Values.traefik.enabled }}
|
||||
{{- range $port,$entryport := .Values.traefik.ports }}
|
||||
---
|
||||
apiVersion: traefik.io/v1alpha1
|
||||
kind: IngressRouteTCP
|
||||
metadata:
|
||||
name: {{ include "stalwart-mail.fullname" $ }}-{{ $port }}
|
||||
spec:
|
||||
entryPoints:
|
||||
- {{ $entryport }}
|
||||
routes:
|
||||
- match: HostSNI(`{{ $.Values.traefik.host }}`)
|
||||
services:
|
||||
- name: {{ include "stalwart-mail.fullname" $ }}
|
||||
port: {{ $port }}
|
||||
proxyProtocol:
|
||||
version: 2
|
||||
tls:
|
||||
passthrough: true
|
||||
{{- end }}
|
||||
{{- end }}{{/* end-if .enabled */}}
|
25
values.yaml
25
values.yaml
@ -15,6 +15,31 @@ service:
|
||||
imaps: 993
|
||||
sieve: 4190
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
className: ''
|
||||
annotations:
|
||||
{}
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
hosts:
|
||||
- host: chart-example.local
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls: []
|
||||
# - secretName: chart-example-tls
|
||||
# hosts:
|
||||
# - chart-example.local
|
||||
|
||||
traefik:
|
||||
enabled: false
|
||||
#host: "mail.example.com"
|
||||
ports:
|
||||
http: websecure
|
||||
imaps: imaps
|
||||
smtps: smtps
|
||||
|
||||
## Persist configuration to a persistent volume
|
||||
persistence:
|
||||
# persistence.enabled - Should disk persistence be enabled
|
||||
|
Loading…
Reference in New Issue
Block a user