# services/mailu/helmrelease.yaml apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: mailu namespace: mailu-mailserver spec: interval: 30m chart: spec: chart: mailu version: 2.1.2 sourceRef: kind: HelmRepository name: mailu namespace: flux-system install: remediation: { retries: 3 } upgrade: remediation: { retries: 3 } cleanupOnFail: true values: mailuVersion: "2024.06" domain: bstein.dev hostnames: [mail.bstein.dev] domains: - name: bstein.dev enabled: true dkim: enabled: true timezone: Etc/UTC subnet: 10.42.0.0/16 existingSecret: mailu-secret externalDatabase: enabled: true type: postgresql host: postgres-service.postgres.svc.cluster.local port: 5432 database: mailu username: mailu existingSecret: mailu-db-secret existingSecretUsernameKey: username existingSecretPasswordKey: password existingSecretDatabaseKey: database initialAccount: enabled: true username: test domain: bstein.dev existingSecret: mailu-initial-account-secret existingSecretPasswordKey: password persistence: accessModes: [ReadWriteMany] size: 100Gi storageClass: astreae single_pvc: true front: hostnames: [mail.bstein.dev] proxied: true hostPort: enabled: false https: enabled: true external: true forceHttps: false externalService: enabled: true type: LoadBalancer externalTrafficPolicy: Cluster nodePorts: pop3: 30010 pop3s: 30011 imap: 30143 imaps: 30993 manageSieve: 30419 smtp: 30025 smtps: 30465 submission: 30587 logLevel: DEBUG nodeSelector: hardware: rpi4 admin: logLevel: DEBUG nodeSelector: hardware: rpi4 extraEnvVars: - name: FLASK_DEBUG value: "1" - name: ACCESSLOG value: /dev/stdout - name: ERRORLOG value: /dev/stderr - name: WEBROOT_REDIRECT value: "" - name: FORWARDED_ALLOW_IPS value: 127.0.0.1,10.42.0.0/16 - name: DNS_RESOLVERS value: 1.1.1.1,9.9.9.9 extraVolumes: - name: unbound-config configMap: name: mailu-unbound - name: unbound-run emptyDir: {} extraVolumeMounts: - name: unbound-config mountPath: /etc/unbound - name: unbound-run mountPath: /var/lib/unbound extraContainers: - name: unbound image: docker.io/mvance/unbound:1.22.0 args: - -d - -c - /etc/unbound/unbound.conf ports: - containerPort: 53 protocol: UDP - containerPort: 53 protocol: TCP volumeMounts: - name: unbound-config mountPath: /etc/unbound - name: unbound-run mountPath: /var/lib/unbound dnsPolicy: None dnsConfig: nameservers: - 127.0.0.1 searches: - mailu-mailserver.svc.cluster.local - svc.cluster.local - cluster.local clamav: logLevel: DEBUG nodeSelector: hardware: rpi4 dovecot: logLevel: DEBUG nodeSelector: hardware: rpi4 oletools: logLevel: DEBUG nodeSelector: hardware: rpi4 postfix: logLevel: DEBUG nodeSelector: hardware: rpi4 redis: enabled: true architecture: standalone logLevel: DEBUG image: repository: bitnami/redis tag: 7.2.4-debian-12-r6 master: nodeSelector: hardware: rpi4 persistence: enabled: true accessModes: [ReadWriteMany] size: 8Gi storageClass: astreae rspamd: logLevel: DEBUG nodeSelector: hardware: rpi4 persistence: accessModes: [ReadWriteOnce] size: 8Gi storageClass: astreae tika: logLevel: DEBUG nodeSelector: hardware: rpi4 global: logLevel: DEBUG storageClass: astreae webmail: enabled: false nodeSelector: hardware: rpi4 ingress: enabled: true ingressClassName: traefik tls: true existingSecret: mailu-certificates annotations: traefik.ingress.kubernetes.io/router.entrypoints: websecure extraRules: - host: mail.bstein.dev http: paths: - path: / pathType: Prefix backend: service: name: mailu-front port: number: 443 service: ports: smtp: port: 25 targetPort: 25 smtps: port: 465 targetPort: 465 submission: port: 587 targetPort: 587