SYS-669 replace rainloop with snappymail

README.md

@@ -9,13 +9,12 @@ easy. Contents:
 
 | Directory | Description |
 | --------- | ----------- |
-| ansible | build your own cluster (Kubernetes or Swarm) |
+| ansible | build your own Kubernetes cluster |
 | images | images which are published to Docker Hub |
 | k8s | container resources in kubernetes yaml format |
 | lib/build | build makefile and tools |
 | services | non-clustered docker-compose services |
 | ssl | PKI certificate tools (deprecated by k8s) |
-| stacks | container resources in docker-compose format |
 
 Find images at [docker hub/instantlinux](https://hub.docker.com/r/instantlinux/). Each image is scanned by [trivy](https://trivy.dev/) to ensure they contain no known CVE vulnerabilities before promotion to Docker Hub.
 
@@ -48,9 +47,8 @@ The cluster-deployment tools here include helm charts and ansible playbooks to s
 
 | Service | Version | Notes |
 | --- | --- | --- |
-| artifactory | ** | binary repo |
 | gitea | ** | git repo |
-| admin-git | [![](https://img.shields.io/docker/v/instantlinux/git-pull?sort=date)](https://hub.docker.com/r/instantlinux/git-pull "Version badge") | sync git repo across swarm |
+| admin-git | [![](https://img.shields.io/docker/v/instantlinux/git-pull?sort=date)](https://hub.docker.com/r/instantlinux/git-pull "Version badge") | sync git repo across cluster |
 | gitea | ** | self-hosted git repo with many github features |
 | jira | ** | ticket tracking |
 | mariadb-galera | [![](https://img.shields.io/docker/v/instantlinux/mariadb-galera?sort=date)](https://hub.docker.com/r/instantlinux/mariadb-galera "Version badge") | automatic cluster setup|
@@ -63,7 +61,6 @@ The cluster-deployment tools here include helm charts and ansible playbooks to s
 | Service | Version | Notes |
 | --- | --- | --- |
 | authelia | ** | single-signon multi-factor auth |
-| cloud | ** | nextcloud, private sync like Apple iCloud |
 | data-sync | [![](https://img.shields.io/docker/v/instantlinux/data-sync?sort=date)](https://hub.docker.com/r/instantlinux/data-sync "Version badge") | poor-man's SAN for persistent storage |
 | ddclient | [![](https://img.shields.io/docker/v/instantlinux/ddclient?sort=date)](https://hub.docker.com/r/instantlinux/ddclient "Version badge") | Dynamic DNS client |
 | ez-ipupdate | [![](https://img.shields.io/docker/v/instantlinux/ez-ipupdate?sort=date)](https://hub.docker.com/r/instantlinux/ez-ipupdate "Version badge") | Dynamic DNS client |
@@ -74,6 +71,7 @@ The cluster-deployment tools here include helm charts and ansible playbooks to s
 | mysqldump | [![](https://img.shields.io/docker/v/instantlinux/mysqldump?sort=date)](https://hub.docker.com/r/instantlinux/mysqldump "Version badge") | per-database alternative to xtrabackup |
 | nagios | [![](https://img.shields.io/docker/v/instantlinux/nagios?sort=date)](https://hub.docker.com/r/instantlinux/nagios "Version badge") | Nagios Core v4 for monitoring |
 | nagiosql | [![](https://img.shields.io/docker/v/instantlinux/nagiosql?sort=date)](https://hub.docker.com/r/instantlinux/nagiosql "Version badge") | NagiosQL for configuring Nagios Core v4 |
+| nextcloud | ** | mobile device sync, like Apple iCloud |
 | node-local-dns | ** | caching resolver for reliable pod DNS |
 | nut-upsd | [![](https://img.shields.io/docker/v/instantlinux/nut-upsd?sort=date)](https://hub.docker.com/r/instantlinux/nut-upsd "Version badge") | Network UPS Tools |
 | openldap | [![](https://img.shields.io/docker/v/instantlinux/openldap?sort=date)](https://hub.docker.com/r/instantlinux/openldap "Version badge") | OpenLDAP authentication server |
@@ -94,7 +92,6 @@ The cluster-deployment tools here include helm charts and ansible playbooks to s
 | dovecot | [![](https://img.shields.io/docker/v/instantlinux/dovecot?sort=date)](https://hub.docker.com/r/instantlinux/dovecot "Version badge") | imapd server |
 | postfix | [![](https://img.shields.io/docker/v/instantlinux/postfix?sort=date)](https://hub.docker.com/r/instantlinux/postfix "Version badge") | compact general-purpose image in 11MB |
 | postfix-python | [![](https://img.shields.io/docker/v/instantlinux/postfix-python?sort=date)](https://hub.docker.com/r/instantlinux/postfix-python "Version badge") | postfix with spam-control scripts |
-| rainloop | ** | webmail imapd-client server |
 | snappymail | ** | webmail, forked from rainloop imapd-client server |
 | spamassassin | [![](https://img.shields.io/docker/v/instantlinux/spamassassin?sort=date)](https://hub.docker.com/r/instantlinux/spamassassin "Version badge") | spam control daemon |
 

images/data-sync/helm/Chart.yaml

@@ -5,7 +5,7 @@ home: https://github.com/instantlinux/docker-tools
 sources:
 - https://github.com/instantlinux/docker-tools
 type: application
-version: 0.1.15
+version: 0.1.16
 appVersion: "2.53.8-4.14.2-r2"
 dependencies:
 - name: chartlib

images/data-sync/helm/values.yaml

@@ -115,7 +115,7 @@ configmap:
       ignore = Path data-sync/share/artifactory/data/logs/request.log
       ignore = Path data-sync/share/nagios/var/rw
       ignore = Path data-sync/share/openldap/data/lock.mdb
-      ignore = Path data-sync/share/rainloop/data/_data_/_default_/cache
+      ignore = Path data-sync/share/snappymail/data/_data_/_default_/cache
       ignore = Path data-sync/dos
       ignore = Path data-sync/gitlab/data/gitaly
       ignore = Path data-sync/home/*/.kube/cache

images/dovecot/helm/Chart.yaml

@@ -6,7 +6,7 @@ sources:
 - https://github.com/instantlinux/docker-tools
 - https://github.com/vdukhovni/dovecot
 type: application
-version: 0.1.11
+version: 0.1.12
   # appVersion: "2.4.1-r2"
 appVersion: "2.3.21.1-r0"
 dependencies:

images/dovecot/helm/values.yaml

@@ -156,7 +156,7 @@ volumes:
     secretName: postfix-sasl-passwd
 - name: ssl-cert
   secret:
-    secretName: tls-rainloop
+    secretName: tls-snappymail
 image:
   repository: instantlinux/dovecot
   pullPolicy: IfNotPresent

images/postfix-python/helm/Chart.yaml

@@ -6,7 +6,7 @@ sources:
 - https://github.com/instantlinux/docker-tools
 - https://github.com/vdukhovni/postfix
 type: application
-version: 0.1.20
+version: 0.1.21
 appVersion: "3.10.7-r0"
 dependencies:
 - name: chartlib

images/postfix-python/helm/values.yaml

@@ -139,7 +139,7 @@ volumes:
     secretName: postfix-sasl-passwd
 - name: ssl-cert
   secret:
-    secretName: tls-rainloop
+    secretName: tls-snappymail
 volumeClaimTemplates:
 - metadata:
     name: spool

k8s/helm/snappymail/.helmignore

@@ -0,0 +1,2 @@
+*~
+.git

k8s/helm/snappymail/Chart.yaml

@@ -0,0 +1,14 @@
+apiVersion: v2
+name: snappymail
+description: Snappymail webmail server
+home: https://github.com/instantlinux/docker-tools
+sources:
+- https://github.com/instantlinux/docker-tools
+- https://github.com/the-djmaze/snappymail
+type: application
+version: 0.1.0
+appVersion: "v2.38.2"
+dependencies:
+- name: chartlib
+  version: 0.1.8
+  repository: https://instantlinux.github.io/docker-tools

k8s/helm/snappymail/templates/NOTES.txt

@@ -0,0 +1,28 @@
+{{- if hasKey .Values "service" }}
+{{- if or .Values.service.enabled (not (hasKey .Values.service "enabled")) }}
+1. Get the application URL by running these commands:
+{{- if hasKey .Values "ingress" }}
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+  {{- range .paths }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+  {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "local.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "local.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "local.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "local.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end }}

k8s/helm/snappymail/templates/app.yaml

@@ -0,0 +1,15 @@
+{{- include "chartlib.configmap" . }}
+---
+{{- include "chartlib.deployment" . }}
+---
+{{- include "chartlib.hpa" . }}
+---
+{{- include "chartlib.ingress" . }}
+---
+{{- include "chartlib.ingresstotp" . }}
+---
+{{- include "chartlib.service" . }}
+---
+{{- include "chartlib.serviceaccount" . }}
+---
+{{- include "chartlib.statefulset" . }}

k8s/helm/snappymail/templates/tests/test-connection.yaml

@@ -0,0 +1,17 @@
+{{- if hasKey .Values "service" }}
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{ include "local.fullname" . }}-test-connection"
+  labels:
+    {{- include "local.labels" . | nindent 4 }}
+  annotations:
+    "helm.sh/hook": test
+spec:
+  containers:
+    - name: wget
+      image: busybox
+      command: ['wget']
+      args: ['{{ include "local.fullname" . }}:{{ .Values.service.port }}']
+  restartPolicy: Never
+{{- end }}

k8s/helm/snappymail/values.yaml

@@ -0,0 +1,42 @@
+# Default values for snappymail.
+tlsHostname: snappymail.example.com
+deployment:
+  env:
+    debug: "false"
+    log_to_stdout: "true"
+    memory_limit: 128M
+    upload_max_size: 25M
+  containerPorts:
+  - containerPort: 8888
+volumeMounts:
+- mountPath: /var/lib/snappymail/_data_
+  name: share
+  subPath: snappymail/data
+volumes:
+- name: share
+  hostPath: { path: /var/lib/docker/k8s-volumes/share }
+
+image:
+  repository: djmaze/snappymail
+  pullPolicy: IfNotPresent
+  # tag: default
+
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount: {}
+service:
+  clusterIP: None
+  ports:
+  - { port: 80, targetPort: 8888 }
+  type: ClusterIP
+autoscaling:
+  enabled: false
+
+ingress:
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    kubernetes.io/ingress.class: nginx
+    nginx.ingress.kubernetes.io/client-body-buffer-size: 20m
+    nginx.ingress.kubernetes.io/enable-access-log: "false"
+    nginx.ingress.kubernetes.io/proxy-body-size: 20m