From 668e83f0ea1d7603b8968589109e284532c236ff Mon Sep 17 00:00:00 2001 From: Rich Braun Date: Fri, 23 Jan 2026 11:14:42 -0800 Subject: [PATCH 1/2] SYS-669 replace rainloop with snappymail --- README.md | 9 ++-- k8s/helm/snappymail/.helmignore | 2 + k8s/helm/snappymail/Chart.yaml | 14 +++++++ k8s/helm/snappymail/templates/NOTES.txt | 28 +++++++++++++ k8s/helm/snappymail/templates/app.yaml | 15 +++++++ .../templates/tests/test-connection.yaml | 17 ++++++++ k8s/helm/snappymail/values.yaml | 42 +++++++++++++++++++ 7 files changed, 121 insertions(+), 6 deletions(-) create mode 100644 k8s/helm/snappymail/.helmignore create mode 100644 k8s/helm/snappymail/Chart.yaml create mode 100644 k8s/helm/snappymail/templates/NOTES.txt create mode 100644 k8s/helm/snappymail/templates/app.yaml create mode 100644 k8s/helm/snappymail/templates/tests/test-connection.yaml create mode 100644 k8s/helm/snappymail/values.yaml diff --git a/README.md b/README.md index 7f027e41..6b06ae1d 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,12 @@ easy. Contents: | Directory | Description | | --------- | ----------- | -| ansible | build your own cluster (Kubernetes or Swarm) | +| ansible | build your own Kubernetes cluster | | images | images which are published to Docker Hub | | k8s | container resources in kubernetes yaml format | | lib/build | build makefile and tools | | services | non-clustered docker-compose services | | ssl | PKI certificate tools (deprecated by k8s) | -| stacks | container resources in docker-compose format | Find images at [docker hub/instantlinux](https://hub.docker.com/r/instantlinux/). Each image is scanned by [trivy](https://trivy.dev/) to ensure they contain no known CVE vulnerabilities before promotion to Docker Hub. @@ -48,9 +47,8 @@ The cluster-deployment tools here include helm charts and ansible playbooks to s | Service | Version | Notes | | --- | --- | --- | -| artifactory | ** | binary repo | | gitea | ** | git repo | -| admin-git | [![](https://img.shields.io/docker/v/instantlinux/git-pull?sort=date)](https://hub.docker.com/r/instantlinux/git-pull "Version badge") | sync git repo across swarm | +| admin-git | [![](https://img.shields.io/docker/v/instantlinux/git-pull?sort=date)](https://hub.docker.com/r/instantlinux/git-pull "Version badge") | sync git repo across cluster | | gitea | ** | self-hosted git repo with many github features | | jira | ** | ticket tracking | | mariadb-galera | [![](https://img.shields.io/docker/v/instantlinux/mariadb-galera?sort=date)](https://hub.docker.com/r/instantlinux/mariadb-galera "Version badge") | automatic cluster setup| @@ -63,7 +61,6 @@ The cluster-deployment tools here include helm charts and ansible playbooks to s | Service | Version | Notes | | --- | --- | --- | | authelia | ** | single-signon multi-factor auth | -| cloud | ** | nextcloud, private sync like Apple iCloud | | data-sync | [![](https://img.shields.io/docker/v/instantlinux/data-sync?sort=date)](https://hub.docker.com/r/instantlinux/data-sync "Version badge") | poor-man's SAN for persistent storage | | ddclient | [![](https://img.shields.io/docker/v/instantlinux/ddclient?sort=date)](https://hub.docker.com/r/instantlinux/ddclient "Version badge") | Dynamic DNS client | | ez-ipupdate | [![](https://img.shields.io/docker/v/instantlinux/ez-ipupdate?sort=date)](https://hub.docker.com/r/instantlinux/ez-ipupdate "Version badge") | Dynamic DNS client | @@ -74,6 +71,7 @@ The cluster-deployment tools here include helm charts and ansible playbooks to s | mysqldump | [![](https://img.shields.io/docker/v/instantlinux/mysqldump?sort=date)](https://hub.docker.com/r/instantlinux/mysqldump "Version badge") | per-database alternative to xtrabackup | | nagios | [![](https://img.shields.io/docker/v/instantlinux/nagios?sort=date)](https://hub.docker.com/r/instantlinux/nagios "Version badge") | Nagios Core v4 for monitoring | | nagiosql | [![](https://img.shields.io/docker/v/instantlinux/nagiosql?sort=date)](https://hub.docker.com/r/instantlinux/nagiosql "Version badge") | NagiosQL for configuring Nagios Core v4 | +| nextcloud | ** | mobile device sync, like Apple iCloud | | node-local-dns | ** | caching resolver for reliable pod DNS | | nut-upsd | [![](https://img.shields.io/docker/v/instantlinux/nut-upsd?sort=date)](https://hub.docker.com/r/instantlinux/nut-upsd "Version badge") | Network UPS Tools | | openldap | [![](https://img.shields.io/docker/v/instantlinux/openldap?sort=date)](https://hub.docker.com/r/instantlinux/openldap "Version badge") | OpenLDAP authentication server | @@ -94,7 +92,6 @@ The cluster-deployment tools here include helm charts and ansible playbooks to s | dovecot | [![](https://img.shields.io/docker/v/instantlinux/dovecot?sort=date)](https://hub.docker.com/r/instantlinux/dovecot "Version badge") | imapd server | | postfix | [![](https://img.shields.io/docker/v/instantlinux/postfix?sort=date)](https://hub.docker.com/r/instantlinux/postfix "Version badge") | compact general-purpose image in 11MB | | postfix-python | [![](https://img.shields.io/docker/v/instantlinux/postfix-python?sort=date)](https://hub.docker.com/r/instantlinux/postfix-python "Version badge") | postfix with spam-control scripts | -| rainloop | ** | webmail imapd-client server | | snappymail | ** | webmail, forked from rainloop imapd-client server | | spamassassin | [![](https://img.shields.io/docker/v/instantlinux/spamassassin?sort=date)](https://hub.docker.com/r/instantlinux/spamassassin "Version badge") | spam control daemon | diff --git a/k8s/helm/snappymail/.helmignore b/k8s/helm/snappymail/.helmignore new file mode 100644 index 00000000..839de881 --- /dev/null +++ b/k8s/helm/snappymail/.helmignore @@ -0,0 +1,2 @@ +*~ +.git diff --git a/k8s/helm/snappymail/Chart.yaml b/k8s/helm/snappymail/Chart.yaml new file mode 100644 index 00000000..c49308e6 --- /dev/null +++ b/k8s/helm/snappymail/Chart.yaml @@ -0,0 +1,14 @@ +apiVersion: v2 +name: snappymail +description: Snappymail webmail server +home: https://github.com/instantlinux/docker-tools +sources: +- https://github.com/instantlinux/docker-tools +- https://github.com/the-djmaze/snappymail +type: application +version: 0.1.0 +appVersion: "v2.38.2" +dependencies: +- name: chartlib + version: 0.1.8 + repository: https://instantlinux.github.io/docker-tools diff --git a/k8s/helm/snappymail/templates/NOTES.txt b/k8s/helm/snappymail/templates/NOTES.txt new file mode 100644 index 00000000..62ea3f4b --- /dev/null +++ b/k8s/helm/snappymail/templates/NOTES.txt @@ -0,0 +1,28 @@ +{{- if hasKey .Values "service" }} +{{- if or .Values.service.enabled (not (hasKey .Values.service "enabled")) }} +1. Get the application URL by running these commands: +{{- if hasKey .Values "ingress" }} +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "local.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "local.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "local.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "local.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} +{{- end }} +{{- end }} +{{- end }} diff --git a/k8s/helm/snappymail/templates/app.yaml b/k8s/helm/snappymail/templates/app.yaml new file mode 100644 index 00000000..5a01911b --- /dev/null +++ b/k8s/helm/snappymail/templates/app.yaml @@ -0,0 +1,15 @@ +{{- include "chartlib.configmap" . }} +--- +{{- include "chartlib.deployment" . }} +--- +{{- include "chartlib.hpa" . }} +--- +{{- include "chartlib.ingress" . }} +--- +{{- include "chartlib.ingresstotp" . }} +--- +{{- include "chartlib.service" . }} +--- +{{- include "chartlib.serviceaccount" . }} +--- +{{- include "chartlib.statefulset" . }} diff --git a/k8s/helm/snappymail/templates/tests/test-connection.yaml b/k8s/helm/snappymail/templates/tests/test-connection.yaml new file mode 100644 index 00000000..ae159a4f --- /dev/null +++ b/k8s/helm/snappymail/templates/tests/test-connection.yaml @@ -0,0 +1,17 @@ +{{- if hasKey .Values "service" }} +apiVersion: v1 +kind: Pod +metadata: + name: "{{ include "local.fullname" . }}-test-connection" + labels: + {{- include "local.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": test +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['{{ include "local.fullname" . }}:{{ .Values.service.port }}'] + restartPolicy: Never +{{- end }} diff --git a/k8s/helm/snappymail/values.yaml b/k8s/helm/snappymail/values.yaml new file mode 100644 index 00000000..2b7117f2 --- /dev/null +++ b/k8s/helm/snappymail/values.yaml @@ -0,0 +1,42 @@ +# Default values for snappymail. +tlsHostname: snappymail.example.com +deployment: + env: + debug: "false" + log_to_stdout: "true" + memory_limit: 128M + upload_max_size: 25M + containerPorts: + - containerPort: 8888 +volumeMounts: +- mountPath: /var/lib/snappymail/_data_ + name: share + subPath: snappymail/data +volumes: +- name: share + hostPath: { path: /var/lib/docker/k8s-volumes/share } + +image: + repository: djmaze/snappymail + pullPolicy: IfNotPresent + # tag: default + +nameOverride: "" +fullnameOverride: "" + +serviceAccount: {} +service: + clusterIP: None + ports: + - { port: 80, targetPort: 8888 } + type: ClusterIP +autoscaling: + enabled: false + +ingress: + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/client-body-buffer-size: 20m + nginx.ingress.kubernetes.io/enable-access-log: "false" + nginx.ingress.kubernetes.io/proxy-body-size: 20m From 11da5403170d9711dc3eafeb791ebfd623557a32 Mon Sep 17 00:00:00 2001 From: Rich Braun Date: Fri, 23 Jan 2026 11:35:05 -0800 Subject: [PATCH 2/2] SYS-669 wip --- images/data-sync/helm/Chart.yaml | 2 +- images/data-sync/helm/values.yaml | 2 +- images/dovecot/helm/Chart.yaml | 2 +- images/dovecot/helm/values.yaml | 2 +- images/postfix-python/helm/Chart.yaml | 2 +- images/postfix-python/helm/values.yaml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/images/data-sync/helm/Chart.yaml b/images/data-sync/helm/Chart.yaml index d2197e43..a4ecc100 100644 --- a/images/data-sync/helm/Chart.yaml +++ b/images/data-sync/helm/Chart.yaml @@ -5,7 +5,7 @@ home: https://github.com/instantlinux/docker-tools sources: - https://github.com/instantlinux/docker-tools type: application -version: 0.1.15 +version: 0.1.16 appVersion: "2.53.8-4.14.2-r2" dependencies: - name: chartlib diff --git a/images/data-sync/helm/values.yaml b/images/data-sync/helm/values.yaml index c9e1c6f0..03395741 100644 --- a/images/data-sync/helm/values.yaml +++ b/images/data-sync/helm/values.yaml @@ -115,7 +115,7 @@ configmap: ignore = Path data-sync/share/artifactory/data/logs/request.log ignore = Path data-sync/share/nagios/var/rw ignore = Path data-sync/share/openldap/data/lock.mdb - ignore = Path data-sync/share/rainloop/data/_data_/_default_/cache + ignore = Path data-sync/share/snappymail/data/_data_/_default_/cache ignore = Path data-sync/dos ignore = Path data-sync/gitlab/data/gitaly ignore = Path data-sync/home/*/.kube/cache diff --git a/images/dovecot/helm/Chart.yaml b/images/dovecot/helm/Chart.yaml index 10e0c8f5..32209515 100644 --- a/images/dovecot/helm/Chart.yaml +++ b/images/dovecot/helm/Chart.yaml @@ -6,7 +6,7 @@ sources: - https://github.com/instantlinux/docker-tools - https://github.com/vdukhovni/dovecot type: application -version: 0.1.11 +version: 0.1.12 # appVersion: "2.4.1-r2" appVersion: "2.3.21.1-r0" dependencies: diff --git a/images/dovecot/helm/values.yaml b/images/dovecot/helm/values.yaml index c333424f..b5bc5844 100644 --- a/images/dovecot/helm/values.yaml +++ b/images/dovecot/helm/values.yaml @@ -156,7 +156,7 @@ volumes: secretName: postfix-sasl-passwd - name: ssl-cert secret: - secretName: tls-rainloop + secretName: tls-snappymail image: repository: instantlinux/dovecot pullPolicy: IfNotPresent diff --git a/images/postfix-python/helm/Chart.yaml b/images/postfix-python/helm/Chart.yaml index 34b865e1..a6da6105 100644 --- a/images/postfix-python/helm/Chart.yaml +++ b/images/postfix-python/helm/Chart.yaml @@ -6,7 +6,7 @@ sources: - https://github.com/instantlinux/docker-tools - https://github.com/vdukhovni/postfix type: application -version: 0.1.20 +version: 0.1.21 appVersion: "3.10.7-r0" dependencies: - name: chartlib diff --git a/images/postfix-python/helm/values.yaml b/images/postfix-python/helm/values.yaml index 477438cb..b3d1e7d6 100644 --- a/images/postfix-python/helm/values.yaml +++ b/images/postfix-python/helm/values.yaml @@ -139,7 +139,7 @@ volumes: secretName: postfix-sasl-passwd - name: ssl-cert secret: - secretName: tls-rainloop + secretName: tls-snappymail volumeClaimTemplates: - metadata: name: spool