apiVersion: apps/v1
kind: Deployment
metadata:
  name: dovecot
  namespace: {{ .namespace }}
spec:
  replicas: 1
  selector:
    matchLabels:
      component: dovecot
  template:
    metadata:
      labels:
        component: dovecot
    spec:
      initContainers:
      - name: fix-permissions
        image: busybox:latest
        command: ['sh', '-c', 'chown -R 999:999 /data /mail']
        volumeMounts:
        - name: data
          subPath: mail
          mountPath: /mail
        - name: data
          subPath: dovecot
          mountPath: /data
      containers:
      - name: dovecot
        image: {{ .images.dovecot }}
        imagePullPolicy: IfNotPresent
        securityContext:
          capabilities:
            add:
            - SYS_CHROOT
            - CHOWN
            - SETGID
            - SETUID
        envFrom:
        - configMapRef:
            name: mailu-config
        ports:
        - name: imap
          containerPort: 143
        - name: imaps
          containerPort: 993
        - name: pop3
          containerPort: 110
        - name: pop3s
          containerPort: 995
        - name: sieve
          containerPort: 4190
        - name: auth
          containerPort: 2102
        - name: lmtp
          containerPort: 2525
        volumeMounts:
        - name: data
          subPath: mail
          mountPath: /mail
        resources:
          requests:
            memory: "1Gi"
            cpu: "500m"
          limits:
            memory: "2Gi"
            cpu: "2000m"
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: mailu-storage