apiVersion: apps/v1
kind: Deployment
metadata:
  name: postfix
  namespace: {{ .namespace }}
spec:
  replicas: 1
  selector:
    matchLabels:
      component: postfix
  template:
    metadata:
      labels:
        component: postfix
    spec:
      initContainers:
      - name: fix-permissions
        image: busybox:latest
        command: ['sh', '-c', 'chown -R 999:999 /queue']
        volumeMounts:
        - name: data
          subPath: mailqueue
          mountPath: /queue
      containers:
      - name: postfix
        image: {{ .images.postfix }}
        imagePullPolicy: IfNotPresent
        securityContext:
          capabilities:
            add:
            - SYS_CHROOT
            - CHOWN
            - SETGID
            - SETUID
            - NET_BIND_SERVICE
        envFrom:
        - configMapRef:
            name: mailu-config
        ports:
        - name: smtp
          containerPort: 25
        - name: smtps
          containerPort: 465
        - name: submission
          containerPort: 587
        volumeMounts:
        - name: data
          subPath: mailqueue
          mountPath: /queue
        resources:
          requests:
            memory: "512Mi"
            cpu: "250m"
          limits:
            memory: "2Gi"
            cpu: "1000m"
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: mailu-storage