feat: manage haproxy for stalwart (#420)
- add frontends for imap, imaps and smtp - add backends for webadmin, imap, imaps and smtp Reviewed-on: #420
This commit was merged in pull request #420.
This commit is contained in:
@@ -163,6 +163,39 @@ profiles::haproxy::frontends:
|
||||
- 'set-header X-Forwarded-Proto https'
|
||||
- 'set-header X-Real-IP %[src]'
|
||||
- 'use-service prometheus-exporter if { path /metrics }'
|
||||
fe_imap:
|
||||
description: 'Frontend for Stalwart IMAP (STARTTLS)'
|
||||
bind:
|
||||
0.0.0.0:143: []
|
||||
mode: 'tcp'
|
||||
options:
|
||||
log: global
|
||||
default_backend: be_stalwart_imap
|
||||
tcp-request:
|
||||
- inspect-delay 5s
|
||||
- content accept if { req_len 0 }
|
||||
fe_imaps:
|
||||
description: 'Frontend for Stalwart IMAPS (implicit TLS)'
|
||||
bind:
|
||||
0.0.0.0:993: []
|
||||
mode: 'tcp'
|
||||
options:
|
||||
log: global
|
||||
default_backend: be_stalwart_imaps
|
||||
tcp-request:
|
||||
- inspect-delay 5s
|
||||
- content accept if { req_len 0 }
|
||||
fe_smtp:
|
||||
description: 'Frontend for Stalwart SMTP'
|
||||
bind:
|
||||
0.0.0.0:25: []
|
||||
mode: 'tcp'
|
||||
options:
|
||||
log: global
|
||||
default_backend: be_stalwart_smtp
|
||||
tcp-request:
|
||||
- inspect-delay 5s
|
||||
- content accept if { req_len 0 }
|
||||
|
||||
profiles::haproxy::backends:
|
||||
be_letsencrypt:
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
hiera_include:
|
||||
- stalwart
|
||||
- profiles::sql::postgresdb
|
||||
- profiles::stalwart::haproxy
|
||||
|
||||
# additional altnames
|
||||
profiles::pki::vault::alt_names:
|
||||
@@ -13,6 +14,8 @@ profiles::sql::postgresdb::cluster_name: "patroni-shared-%{facts.environment}"
|
||||
profiles::sql::postgresdb::dbname: stalwart
|
||||
profiles::sql::postgresdb::dbuser: stalwart
|
||||
|
||||
# export backends to haproxy
|
||||
profiles::stalwart::haproxy::enable: true
|
||||
|
||||
# Cluster role for node discovery
|
||||
stalwart::cluster_role: "%{facts.enc_role}"
|
||||
@@ -32,7 +35,7 @@ stalwart::s3_region: "%{facts.region}"
|
||||
stalwart::domains:
|
||||
- 'mail.unkin.net'
|
||||
stalwart::postfix_relay_host: 'out-mta.main.unkin.net'
|
||||
stalwart::manage_dns_records: true # DNS records point to individual servers
|
||||
stalwart::manage_dns_records: false
|
||||
|
||||
## With load balancer:
|
||||
#stalwart::manage_dns_records: true
|
||||
|
||||
Reference in New Issue
Block a user