Files
argocd-apps/apps/base/mailgateway/postfix-deployment.yaml
T
unkinben 5b3058e75e fix(postfix): use hash: transport_maps with postmap init container
- Splits hash-type map files into a separate postfix-maps ConfigMap
- Adds postmap init container that builds .db files from all maps into
  a postfix-db emptyDir, which is then subPath-mounted per map in the
  main container
- Updates transport_maps in main.cf to hash:/etc/postfix/transport
2026-05-24 20:38:27 +10:00

106 lines
3.0 KiB
YAML

---
apiVersion: apps/v1
kind: Deployment
metadata:
name: postfix
namespace: mailgateway
spec:
selector:
matchLabels:
app: postfix
template:
metadata:
annotations:
reloader.stakater.com/auto: "true"
labels:
app: postfix
spec:
initContainers:
- name: postmap
image: tozd/postfix:alpine-322
command: ["/bin/sh", "-c"]
args:
- |
for f in /etc/postfix/maps/*; do
base=$(basename "$f")
cp "$f" /tmp/"$base"
postmap hash:/tmp/"$base"
cp /tmp/"${base}.db" /etc/postfix/db/
done
volumeMounts:
- name: postfix-maps
mountPath: /etc/postfix/maps
readOnly: true
- name: postfix-db
mountPath: /etc/postfix/db
containers:
- name: postfix
image: tozd/postfix:alpine-322
ports:
- containerPort: 25
name: smtp
protocol: TCP
- containerPort: 587
name: submission
protocol: TCP
env:
# Keep these in sync with main.cf so the tozd startup postconf calls are no-ops
- name: MAILNAME
value: "mail.main.unkin.net"
- name: MY_NETWORKS
value: "127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16"
- name: MY_DESTINATION
value: "localhost.localdomain, localhost"
- name: LOG_TO_STDOUT
value: "1"
livenessProbe:
tcpSocket:
port: 25
initialDelaySeconds: 30
periodSeconds: 30
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
tcpSocket:
port: 25
initialDelaySeconds: 15
periodSeconds: 10
timeoutSeconds: 3
failureThreshold: 3
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: "1"
memory: 512Mi
volumeMounts:
- name: postfix-config
mountPath: /etc/postfix/main.cf
subPath: main.cf
- name: postfix-config
mountPath: /etc/postfix/master.cf
subPath: master.cf
- name: postfix-db
mountPath: /etc/postfix/transport.db
subPath: transport.db
- name: postfix-tls
mountPath: /etc/postfix/tls
readOnly: true
- name: spool
mountPath: /var/spool/postfix
volumes:
- name: postfix-config
configMap:
name: postfix-config
- name: postfix-maps
configMap:
name: postfix-maps
- name: postfix-db
emptyDir: {}
- name: postfix-tls
secret:
secretName: postfix-smtp-tls
- name: spool
emptyDir: {}