apiVersion: apps/v1 kind: Deployment metadata: name: admin namespace: {{ .namespace }} spec: replicas: 1 selector: matchLabels: component: admin template: metadata: labels: component: admin spec: dnsPolicy: "None" dnsConfig: nameservers: - {{ .unbound.ip }} searches: - {{ .namespace }}.svc.cluster.local - svc.cluster.local - cluster.local options: - name: ndots value: "5" initContainers: - name: fix-permissions image: busybox:latest command: ['sh', '-c', 'chown -R 999:999 /data /dkim'] volumeMounts: - name: data subPath: admin mountPath: /data - name: data subPath: dkim mountPath: /dkim containers: - name: admin image: {{ .images.admin }} imagePullPolicy: IfNotPresent securityContext: capabilities: add: - SYS_CHROOT - CHOWN - SETGID - SETUID env: - name: SECRET_KEY valueFrom: secretKeyRef: name: mailu-secrets key: secretKey - name: REDIS_ADDRESS value: "{{ .redis.host }}" - name: I_KNOW_MY_SETUP_DOESNT_FIT_REQUIREMENTS_AND_WONT_FILE_ISSUES_WITHOUT_PATCHES value: "true" - name: INITIAL_ADMIN_ACCOUNT value: "{{ .initialAccount.username }}" - name: INITIAL_ADMIN_DOMAIN value: "{{ .initialAccount.domain }}" - name: INITIAL_ADMIN_PW valueFrom: secretKeyRef: name: mailu-secrets key: initialAccountPassword envFrom: - configMapRef: name: mailu-config ports: - name: http containerPort: 8080 volumeMounts: - name: data subPath: admin mountPath: /data - name: data subPath: dkim mountPath: /dkim resources: requests: memory: "512Mi" cpu: "250m" limits: memory: "1Gi" cpu: "1000m" livenessProbe: httpGet: path: /ping port: 8080 initialDelaySeconds: 10 periodSeconds: 10 readinessProbe: httpGet: path: /ping port: 8080 initialDelaySeconds: 5 periodSeconds: 5 volumes: - name: data persistentVolumeClaim: claimName: mailu-storage