diff --git a/library/ix-dev/community/roundcube/Chart.lock b/library/ix-dev/community/roundcube/Chart.lock new file mode 100644 index 0000000000..6c92a53db1 --- /dev/null +++ b/library/ix-dev/community/roundcube/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: file://../../../common + version: 1.2.6 +digest: sha256:956cef64e364b567d2e5327a00e60b68f3ef765e003d6c35afc143bb81ecc26b +generated: "2023-12-27T13:14:19.924272436+02:00" diff --git a/library/ix-dev/community/roundcube/Chart.yaml b/library/ix-dev/community/roundcube/Chart.yaml new file mode 100644 index 0000000000..e689733ea6 --- /dev/null +++ b/library/ix-dev/community/roundcube/Chart.yaml @@ -0,0 +1,26 @@ +name: roundcube +description: Roundcube is a browser-based multilingual IMAP client with an application-like user interface. +annotations: + title: Roundcube +type: application +version: 1.0.0 +apiVersion: v2 +appVersion: 1.6.5 +kubeVersion: '>=1.16.0-0' +maintainers: + - name: truenas + url: https://www.truenas.com/ + email: dev@ixsystems.com +dependencies: + - name: common + repository: file://../../../common + version: 1.2.6 +home: https://roundcube.net/ +icon: https://media.sys.truenas.net/apps/roundcube/icons/icon.png +sources: + - https://roundcube.net/ + - https://github.com/truenas/charts/tree/master/community/roundcube + - https://hub.docker.com/r/roundcube/roundcubemail/ +keywords: + - webmail + - email diff --git a/library/ix-dev/community/roundcube/README.md b/library/ix-dev/community/roundcube/README.md new file mode 100644 index 0000000000..ebe4a5a535 --- /dev/null +++ b/library/ix-dev/community/roundcube/README.md @@ -0,0 +1,11 @@ +# Roundcube + +[Roundcube](https://roundcube.net/) is a browser-based multilingual IMAP client with an application-like user interface. + +> When application is installed, a container will be launched with **root** privileges. +> This is required in order to apply the correct permissions to the `postgres` directories. +> Afterward, the `postgres` container will run as a **non**-root user (`999`). +> On each upgrade, a container will be launched with **root** privileges in order to apply the correct +> permissions to the `postgres` **backups** directory. Container that performs the backup will run as a **non**-root user (`999`) afterwards. +> Keep in mind the permissions on the backup directory will be changed to `999:999` on **every** update. +> But will only be changed once for the `postgres` data directories. diff --git a/library/ix-dev/community/roundcube/app-readme.md b/library/ix-dev/community/roundcube/app-readme.md new file mode 100644 index 0000000000..ebe4a5a535 --- /dev/null +++ b/library/ix-dev/community/roundcube/app-readme.md @@ -0,0 +1,11 @@ +# Roundcube + +[Roundcube](https://roundcube.net/) is a browser-based multilingual IMAP client with an application-like user interface. + +> When application is installed, a container will be launched with **root** privileges. +> This is required in order to apply the correct permissions to the `postgres` directories. +> Afterward, the `postgres` container will run as a **non**-root user (`999`). +> On each upgrade, a container will be launched with **root** privileges in order to apply the correct +> permissions to the `postgres` **backups** directory. Container that performs the backup will run as a **non**-root user (`999`) afterwards. +> Keep in mind the permissions on the backup directory will be changed to `999:999` on **every** update. +> But will only be changed once for the `postgres` data directories. diff --git a/library/ix-dev/community/roundcube/charts/common-1.2.6.tgz b/library/ix-dev/community/roundcube/charts/common-1.2.6.tgz new file mode 100644 index 0000000000..aa6d8b92c8 Binary files /dev/null and b/library/ix-dev/community/roundcube/charts/common-1.2.6.tgz differ diff --git a/library/ix-dev/community/roundcube/ci/basic-values.yaml b/library/ix-dev/community/roundcube/ci/basic-values.yaml new file mode 100644 index 0000000000..84b39d8b22 --- /dev/null +++ b/library/ix-dev/community/roundcube/ci/basic-values.yaml @@ -0,0 +1,17 @@ +roundcubeNetwork: + webPort: 31000 + +roundcubeStorage: + html: + type: pvc + config: + type: pvc + temps: + type: pvc + pgData: + type: pvc + pgBackup: + type: emptyDir + emptyDirConfig: + medium: "" + size: "" diff --git a/library/ix-dev/community/roundcube/item.yaml b/library/ix-dev/community/roundcube/item.yaml new file mode 100644 index 0000000000..05435084dd --- /dev/null +++ b/library/ix-dev/community/roundcube/item.yaml @@ -0,0 +1,12 @@ +icon_url: https://media.sys.truenas.net/apps/roundcube/icons/icon.png +categories: + - productivity +screenshots: + - https://media.sys.truenas.net/apps/roundcube/screenshots/screenshot1.png + - https://media.sys.truenas.net/apps/roundcube/screenshots/screenshot2.png + - https://media.sys.truenas.net/apps/roundcube/screenshots/screenshot3.png + - https://media.sys.truenas.net/apps/roundcube/screenshots/screenshot4.png + - https://media.sys.truenas.net/apps/roundcube/screenshots/screenshot5.png +tags: + - webmail + - email diff --git a/library/ix-dev/community/roundcube/metadata.yaml b/library/ix-dev/community/roundcube/metadata.yaml new file mode 100644 index 0000000000..a23dc49ec8 --- /dev/null +++ b/library/ix-dev/community/roundcube/metadata.yaml @@ -0,0 +1,23 @@ +runAsContext: + - userName: root + groupName: root + gid: 0 + uid: 0 + description: Roundcube runs as root user + - userName: postgres + groupName: postgres + gid: 999 + uid: 999 + description: Postgres runs as a non-root user. +capabilities: + - name: CHOWN + description: Roundcube is able to chown files. + - name: SETGID + description: Roundcube is able to set group ID for it's sub-processes. + - name: SETUID + description: Roundcube is able to set user ID for it's sub-processes. + - name: FOWNER + description: Roundcube is able to bypass permission checks for chown. + - name: DAC_OVERRIDE + description: Roundcube is able to bypass permission checks. +hostMounts: [] diff --git a/library/ix-dev/community/roundcube/questions.yaml b/library/ix-dev/community/roundcube/questions.yaml new file mode 100644 index 0000000000..67c3bb9a64 --- /dev/null +++ b/library/ix-dev/community/roundcube/questions.yaml @@ -0,0 +1,743 @@ +groups: + - name: Roundcube Configuration + description: Configure Roundcube + - name: Network Configuration + description: Configure Network for Roundcube + - name: Storage Configuration + description: Configure Storage for Roundcube + - name: Resources Configuration + description: Configure Resources for Roundcube + +portals: + web_portal: + protocols: + - "$kubernetes-resource_configmap_portal_protocol" + host: + - "$kubernetes-resource_configmap_portal_host" + ports: + - "$kubernetes-resource_configmap_portal_port" + path: "$kubernetes-resource_configmap_portal_path" + +questions: + + - variable: roundcubeConfig + label: "" + group: Roundcube Configuration + schema: + type: dict + attrs: + - variable: defaultHost + label: Default Host (IMAP) + description: The default host to connect to. + schema: + type: string + default: "" + required: true + - variable: defaultPort + label: Default Port (IMAP) + description: The default port to connect to. + schema: + type: int + default: 143 + min: 1 + max: 65535 + required: true + - variable: smtpServer + label: SMTP Server + description: The SMTP server to use. + schema: + type: string + default: "" + required: true + - variable: smtpPort + label: SMTP Port + description: The SMTP port to use. + schema: + type: int + default: 587 + min: 1 + max: 65535 + required: true + - variable: skin + label: Skin + description: | + Configures the default theme
+ If you don't have the theme installed, + it will show an error on all pages. + schema: + type: string + default: elastic + required: true + - variable: uploadMaxSize + label: Upload Max Size + description: The maximum size of an upload in MB.
+ schema: + type: int + default: 5 + min: 1 + required: true + - variable: aspellDicts + label: Aspell Dictionaries + description: A list of aspell dictionaries to install. + schema: + type: list + default: [] + items: + - variable: aspellDict + label: Aspell Dictionary + schema: + type: string + required: true + - variable: plugins + label: Plugins + description: A list of plugins to enable. + schema: + type: list + default: + - archive + - zipdownload + items: + - variable: plugin + label: Plugin + schema: + type: string + required: true + + - variable: additionalEnvs + label: Additional Environment Variables + description: Configure additional environment variables for Roundcube. + schema: + type: list + default: [] + items: + - variable: env + label: Environment Variable + schema: + type: dict + attrs: + - variable: name + label: Name + schema: + type: string + required: true + - variable: value + label: Value + schema: + type: string + required: true + + - variable: roundcubeNetwork + label: "" + group: Network Configuration + schema: + type: dict + attrs: + - variable: webPort + label: Web Port + description: The port for the Roundcube WebUI. + schema: + type: int + default: 31007 + min: 9000 + max: 65535 + required: true + + - variable: roundcubeStorage + label: "" + group: Storage Configuration + schema: + type: dict + attrs: + - variable: html + label: Roundcube HTML Storage + description: The path to store Roundcube HTML. + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string + required: true + immutable: true + default: ixVolume + enum: + - value: hostPath + description: Host Path (Path that already exists on the system) + - value: ixVolume + description: ixVolume (Dataset created automatically by the system) + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. + schema: + type: dict + show_if: [["type", "=", "ixVolume"]] + $ref: + - "normalize/ixVolume" + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + required: true + immutable: true + hidden: true + default: "html" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: hostPathConfig + label: Host Path Configuration + schema: + type: dict + show_if: [["type", "=", "hostPath"]] + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["aclEnable", "=", false]] + required: true + - variable: config + label: Roundcube Config Storage + description: The path to store Roundcube Config. + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string + required: true + immutable: true + default: ixVolume + enum: + - value: hostPath + description: Host Path (Path that already exists on the system) + - value: ixVolume + description: ixVolume (Dataset created automatically by the system) + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. + schema: + type: dict + show_if: [["type", "=", "ixVolume"]] + $ref: + - "normalize/ixVolume" + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + required: true + immutable: true + hidden: true + default: "config" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: hostPathConfig + label: Host Path Configuration + schema: + type: dict + show_if: [["type", "=", "hostPath"]] + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["aclEnable", "=", false]] + required: true + - variable: temps + label: Roundcube Temp Storage + description: The path to store Roundcube Temp. + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string + required: true + immutable: true + default: ixVolume + enum: + - value: hostPath + description: Host Path (Path that already exists on the system) + - value: ixVolume + description: ixVolume (Dataset created automatically by the system) + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. + schema: + type: dict + show_if: [["type", "=", "ixVolume"]] + $ref: + - "normalize/ixVolume" + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + required: true + immutable: true + hidden: true + default: "temps" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: hostPathConfig + label: Host Path Configuration + schema: + type: dict + show_if: [["type", "=", "hostPath"]] + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["aclEnable", "=", false]] + required: true + + - variable: pgData + label: Roundcube Postgres Data Storage + description: The path to store Roundcube Postgres Data. + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string + required: true + immutable: true + default: ixVolume + enum: + - value: hostPath + description: Host Path (Path that already exists on the system) + - value: ixVolume + description: ixVolume (Dataset created automatically by the system) + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. + schema: + type: dict + # Nothing to show for the user + hidden: true + show_if: [["type", "=", "ixVolume"]] + $ref: + - "normalize/ixVolume" + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + # Postgres does a CHMOD at startup + # Which fails with ACL + hidden: true + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + required: true + immutable: true + hidden: true + default: "pgData" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: hostPathConfig + label: Host Path Configuration + schema: + type: dict + show_if: [["type", "=", "hostPath"]] + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + # Postgres does a CHMOD at startup + # Which fails with ACL + hidden: true + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["aclEnable", "=", false]] + required: true + + - variable: pgBackup + label: Roundcube Postgres Backup Storage + description: The path to store Roundcube Postgres Backup. + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system. + schema: + type: string + required: true + immutable: true + default: ixVolume + enum: + - value: hostPath + description: Host Path (Path that already exists on the system) + - value: ixVolume + description: ixVolume (Dataset created automatically by the system) + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. + schema: + type: dict + # Nothing to show for the user + hidden: true + show_if: [["type", "=", "ixVolume"]] + $ref: + - "normalize/ixVolume" + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + # Postgres does a CHMOD at startup + # Which fails with ACL + hidden: true + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + required: true + immutable: true + hidden: true + default: "pgBackup" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: hostPathConfig + label: Host Path Configuration + schema: + type: dict + show_if: [["type", "=", "hostPath"]] + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + # Postgres does a CHMOD at startup + # Which fails with ACL + hidden: true + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["aclEnable", "=", false]] + required: true + + - variable: additionalStorages + label: Additional Storage + description: Additional storage for Roundcube. + schema: + type: list + default: [] + items: + - variable: storageEntry + label: Storage Entry + schema: + type: dict + attrs: + - variable: type + label: Type + description: | + ixVolume: Is dataset created automatically by the system.
+ Host Path: Is a path that already exists on the system.
+ SMB Share: Is a SMB share that is mounted to a persistent volume claim. + schema: + type: string + required: true + default: "ixVolume" + immutable: true + enum: + - value: "hostPath" + description: Host Path (Path that already exists on the system) + - value: "ixVolume" + description: ixVolume (Dataset created automatically by the system) + - value: "smb-pv-pvc" + description: SMB Share (Mounts a persistent volume claim to a SMB share) + - variable: readOnly + label: Read Only + description: Mount the volume as read only. + schema: + type: boolean + default: false + - variable: mountPath + label: Mount Path + description: The path inside the container to mount the storage. + schema: + type: path + required: true + - variable: hostPathConfig + label: Host Path Configuration + schema: + type: dict + show_if: [["type", "=", "hostPath"]] + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: acl + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + $ref: + - "normalize/acl" + - variable: hostPath + label: Host Path + description: The host path to use for storage. + schema: + type: hostpath + show_if: [["aclEnable", "=", false]] + required: true + - variable: ixVolumeConfig + label: ixVolume Configuration + description: The configuration for the ixVolume dataset. + schema: + type: dict + show_if: [["type", "=", "ixVolume"]] + $ref: + - "normalize/ixVolume" + attrs: + - variable: aclEnable + label: Enable ACL + description: Enable ACL for the dataset. + schema: + type: boolean + default: false + - variable: datasetName + label: Dataset Name + description: The name of the dataset to use for storage. + schema: + type: string + required: true + immutable: true + default: "storage_entry" + - variable: aclEntries + label: ACL Configuration + schema: + type: dict + show_if: [["aclEnable", "=", true]] + attrs: [] + - variable: smbConfig + label: SMB Share Configuration + description: The configuration for the SMB Share. + schema: + type: dict + show_if: [["type", "=", "smb-pv-pvc"]] + attrs: + - variable: server + label: Server + description: The server for the SMB share. + schema: + type: string + required: true + - variable: share + label: Share + description: The share name for the SMB share. + schema: + type: string + required: true + - variable: domain + label: Domain (Optional) + description: The domain for the SMB share. + schema: + type: string + - variable: username + label: Username + description: The username for the SMB share. + schema: + type: string + required: true + - variable: password + label: Password + description: The password for the SMB share. + schema: + type: string + required: true + private: true + - variable: size + label: Size (in Gi) + description: The size of the volume quota. + schema: + type: int + required: true + min: 1 + default: 1 + + - variable: resources + label: "" + group: Resources Configuration + schema: + type: dict + attrs: + - variable: limits + label: Limits + schema: + type: dict + attrs: + - variable: cpu + label: CPU + description: CPU limit for Roundcube. + schema: + type: string + max_length: 6 + valid_chars: '^(0\.[1-9]|[1-9][0-9]*)(\.[0-9]|m?)$' + valid_chars_error: | + Valid CPU limit formats are
+ - Plain Integer - eg. 1
+ - Float - eg. 0.5
+ - Milicpu - eg. 500m + default: "4000m" + required: true + - variable: memory + label: Memory + description: Memory limit for Roundcube. + schema: + type: string + max_length: 12 + valid_chars: '^[1-9][0-9]*([EPTGMK]i?|e[0-9]+)?$' + valid_chars_error: | + Valid Memory limit formats are
+ - Suffixed with E/P/T/G/M/K - eg. 1G
+ - Suffixed with Ei/Pi/Ti/Gi/Mi/Ki - eg. 1Gi
+ - Plain Integer in bytes - eg. 1024
+ - Exponent - eg. 134e6 + default: "8Gi" + required: true diff --git a/library/ix-dev/community/roundcube/templates/NOTES.txt b/library/ix-dev/community/roundcube/templates/NOTES.txt new file mode 100644 index 0000000000..ba4e01146c --- /dev/null +++ b/library/ix-dev/community/roundcube/templates/NOTES.txt @@ -0,0 +1 @@ +{{ include "ix.v1.common.lib.chart.notes" $ }} diff --git a/library/ix-dev/community/roundcube/templates/_configuration.tpl b/library/ix-dev/community/roundcube/templates/_configuration.tpl new file mode 100644 index 0000000000..dd610e1888 --- /dev/null +++ b/library/ix-dev/community/roundcube/templates/_configuration.tpl @@ -0,0 +1,54 @@ +{{- define "roundcube.configuration" -}} + + {{- $fullname := (include "ix.v1.common.lib.chart.names.fullname" $) -}} + + {{- $dbHost := (printf "%s-postgres" $fullname) -}} + {{- $dbUser := "roundcube" -}} + {{- $dbName := "roundcube" -}} + + {{- $dbPass := (randAlphaNum 32) -}} + {{- with (lookup "v1" "Secret" .Release.Namespace (printf "%s-postgres-creds" $fullname)) -}} + {{- $dbPass = ((index .data "POSTGRES_PASSWORD") | b64dec) -}} + {{- end -}} + + {{/* Temporary set dynamic db details on values, + so we can print them on the notes */}} + {{- $_ := set .Values "roundcubeDbPass" $dbPass -}} + {{- $_ := set .Values "roundcubeDbHost" $dbHost -}} + + {{- $dbURL := (printf "postgres://%s:%s@%s:5432/%s?sslmode=disable" $dbUser $dbPass $dbHost $dbName) }} +secret: + postgres-creds: + enabled: true + data: + POSTGRES_USER: {{ $dbUser }} + POSTGRES_DB: {{ $dbName }} + POSTGRES_PASSWORD: {{ $dbPass }} + POSTGRES_HOST: {{ $dbHost }} + POSTGRES_URL: {{ $dbURL }} + + roundcube-creds: + enabled: true + data: + ROUNDCUBEMAIL_DB_TYPE: pgsql + ROUNDCUBEMAIL_DB_HOST: {{ $dbHost }} + ROUNDCUBEMAIL_DB_PORT: "5432" + ROUNDCUBEMAIL_DB_USER: {{ $dbUser }} + ROUNDCUBEMAIL_DB_PASSWORD: {{ $dbPass }} + ROUNDCUBEMAIL_DB_NAME: {{ $dbName }} + +configmap: + roundcube-config: + enabled: true + data: + ROUNDCUBEMAIL_SKIN: {{ .Values.roundcubeConfig.skin }} + {{/* IMAP */}} + ROUNDCUBEMAIL_DEFAULT_HOST: {{ .Values.roundcubeConfig.defaultHost | quote }} + ROUNDCUBEMAIL_DEFAULT_PORT: {{ .Values.roundcubeConfig.defaultPort | quote }} + {{/* SMTP */}} + ROUNDCUBEMAIL_SMTP_SERVER: {{ .Values.roundcubeConfig.smtpServer | quote }} + ROUNDCUBEMAIL_SMTP_PORT: {{ .Values.roundcubeConfig.smtpPort | quote }} + ROUNDCUBEMAIL_PLUGINS: {{ join "," .Values.roundcubeConfig.plugins | quote }} + ROUNDCUBEMAIL_ASPELL_PACKAGES: {{ join "," .Values.roundcubeConfig.aspellDicts | quote }} + ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE: {{ printf "%vM" .Values.roundcubeConfig.uploadMaxSize | quote }} +{{- end -}} diff --git a/library/ix-dev/community/roundcube/templates/_persistence.tpl b/library/ix-dev/community/roundcube/templates/_persistence.tpl new file mode 100644 index 0000000000..934691e65d --- /dev/null +++ b/library/ix-dev/community/roundcube/templates/_persistence.tpl @@ -0,0 +1,47 @@ +{{- define "roundcube.persistence" -}} +persistence: + html: + enabled: true + {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.roundcubeStorage.html) | nindent 4 }} + targetSelector: + roundcube: + roundcube: + mountPath: /var/www/html + config: + enabled: true + {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.roundcubeStorage.config) | nindent 4 }} + targetSelector: + roundcube: + roundcube: + mountPath: /var/roundcube/config + temps: + enabled: true + {{- include "ix.v1.common.app.storageOptions" (dict "storage" .Values.roundcubeStorage.temps) | nindent 4 }} + targetSelector: + roundcube: + roundcube: + mountPath: /tmp/roundcube-temp + tmp: + enabled: true + type: emptyDir + targetSelector: + roundcube: + roundcube: + mountPath: /tmp + + {{- range $idx, $storage := .Values.roundcubeStorage.additionalStorages }} + {{ printf "roundcube-%v:" (int $idx) }} + enabled: true + {{- include "ix.v1.common.app.storageOptions" (dict "storage" $storage) | nindent 4 }} + targetSelector: + roundcube: + roundcube: + mountPath: {{ $storage.mountPath }} + {{- end }} + + {{- include "ix.v1.common.app.postgresPersistence" + (dict "pgData" .Values.roundcubeStorage.pgData + "pgBackup" .Values.roundcubeStorage.pgBackup + ) | nindent 2 }} + +{{- end -}} diff --git a/library/ix-dev/community/roundcube/templates/_portal.tpl b/library/ix-dev/community/roundcube/templates/_portal.tpl new file mode 100644 index 0000000000..b7eb68bdfb --- /dev/null +++ b/library/ix-dev/community/roundcube/templates/_portal.tpl @@ -0,0 +1,12 @@ +{{- define "roundcube.portal" -}} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: portal +data: + port: {{ .Values.roundcubeNetwork.webPort | quote }} + path: "/" + protocol: http + host: $node_ip +{{- end -}} diff --git a/library/ix-dev/community/roundcube/templates/_postgres.tpl b/library/ix-dev/community/roundcube/templates/_postgres.tpl new file mode 100644 index 0000000000..0c050b6ca0 --- /dev/null +++ b/library/ix-dev/community/roundcube/templates/_postgres.tpl @@ -0,0 +1,6 @@ +{{- define "postgres.workload" -}} +workload: +{{- include "ix.v1.common.app.postgres" (dict "secretName" "postgres-creds" + "resources" .Values.resources + "ixChartContext" .Values.ixChartContext) | nindent 2 }} +{{- end -}} diff --git a/library/ix-dev/community/roundcube/templates/_roundcube.tpl b/library/ix-dev/community/roundcube/templates/_roundcube.tpl new file mode 100644 index 0000000000..39c82fd52b --- /dev/null +++ b/library/ix-dev/community/roundcube/templates/_roundcube.tpl @@ -0,0 +1,57 @@ +{{- define "roundcube.workload" -}} +workload: + roundcube: + enabled: true + primary: true + type: Deployment + podSpec: + hostNetwork: false + containers: + roundcube: + enabled: true + primary: true + imageSelector: image + securityContext: + runAsUser: 0 + runAsGroup: 0 + runAsNonRoot: false + readOnlyRootFilesystem: false + capabilities: + add: + - CHOWN + - DAC_OVERRIDE + - FOWNER + - SETGID + - SETUID + envFrom: + - secretRef: + name: roundcube-creds + - configMapRef: + name: roundcube-config + {{ with .Values.roundcubeConfig.additionalEnvs }} + envList: + {{ range $env := . }} + - name: {{ $env.name }} + value: {{ $env.value }} + {{ end }} + {{ end }} + probes: + liveness: + enabled: true + type: http + path: /?ping=ping + port: 80 + readiness: + enabled: true + type: http + path: /?ping=ping + port: 80 + startup: + enabled: true + type: http + path: /?ping=ping + port: 80 + initContainers: + {{- include "ix.v1.common.app.postgresWait" (dict "name" "01-postgres-wait" + "secretName" "postgres-creds") | nindent 8 }} +{{- end -}} diff --git a/library/ix-dev/community/roundcube/templates/_service.tpl b/library/ix-dev/community/roundcube/templates/_service.tpl new file mode 100644 index 0000000000..5f7607ae73 --- /dev/null +++ b/library/ix-dev/community/roundcube/templates/_service.tpl @@ -0,0 +1,18 @@ +{{- define "roundcube.service" -}} +service: + roundcube: + enabled: true + primary: true + type: NodePort + targetSelector: roundcube + ports: + webui: + enabled: true + primary: true + port: {{ .Values.roundcubeNetwork.webPort }} + nodePort: {{ .Values.roundcubeNetwork.webPort }} + targetPort: 80 + targetSelector: roundcube + {{- include "ix.v1.common.app.postgresService" $ | nindent 2 }} + +{{- end -}} diff --git a/library/ix-dev/community/roundcube/templates/common.yaml b/library/ix-dev/community/roundcube/templates/common.yaml new file mode 100644 index 0000000000..82e0c46c4c --- /dev/null +++ b/library/ix-dev/community/roundcube/templates/common.yaml @@ -0,0 +1,13 @@ +{{- include "ix.v1.common.loader.init" . -}} + +{{/* Merge the templates with Values */}} +{{- $_ := mustMergeOverwrite .Values (include "roundcube.configuration" $ | fromYaml) -}} +{{- $_ := mustMergeOverwrite .Values (include "roundcube.service" $ | fromYaml) -}} +{{- $_ := mustMergeOverwrite .Values (include "roundcube.persistence" $ | fromYaml) -}} +{{- $_ := mustMergeOverwrite .Values (include "roundcube.workload" $ | fromYaml) -}} +{{- $_ := mustMergeOverwrite .Values (include "postgres.workload" $ | fromYaml) -}} + +{{/* Create the configmap for portal manually*/}} +{{- include "roundcube.portal" $ -}} + +{{- include "ix.v1.common.loader.apply" . -}} diff --git a/library/ix-dev/community/roundcube/upgrade_info.json b/library/ix-dev/community/roundcube/upgrade_info.json new file mode 100644 index 0000000000..767388094a --- /dev/null +++ b/library/ix-dev/community/roundcube/upgrade_info.json @@ -0,0 +1 @@ +{"filename": "values.yaml", "keys": ["image"]} diff --git a/library/ix-dev/community/roundcube/upgrade_strategy b/library/ix-dev/community/roundcube/upgrade_strategy new file mode 100755 index 0000000000..29ea824441 --- /dev/null +++ b/library/ix-dev/community/roundcube/upgrade_strategy @@ -0,0 +1,31 @@ +#!/usr/bin/python3 +import json +import re +import sys + +from catalog_update.upgrade_strategy import semantic_versioning + + +RE_STABLE_VERSION = re.compile(r'\d+\.\d+\.\d+-apache') + + +def newer_mapping(image_tags): + key = list(image_tags.keys())[0] + tags = {t.strip("-apache"): t for t in image_tags[key] if RE_STABLE_VERSION.fullmatch(t)} + version = semantic_versioning(list(tags)) + if not version: + return {} + + return { + 'tags': {key: tags[version]}, + 'app_version': version, + } + + +if __name__ == '__main__': + try: + versions_json = json.loads(sys.stdin.read()) + except ValueError: + raise ValueError('Invalid json specified') + + print(json.dumps(newer_mapping(versions_json))) diff --git a/library/ix-dev/community/roundcube/values.yaml b/library/ix-dev/community/roundcube/values.yaml new file mode 100644 index 0000000000..88977236b5 --- /dev/null +++ b/library/ix-dev/community/roundcube/values.yaml @@ -0,0 +1,66 @@ +image: + repository: roundcube/roundcubemail + pullPolicy: IfNotPresent + tag: 1.6.5-apache + +resources: + limits: + cpu: 4000m + memory: 8Gi + +roundcubeConfig: + defaultHost: '' + defaultPort: 143 + smtpServer: '' + smtpPort: 587 + skin: elastic + plugins: + - archive + - zipdownload + aspellDicts: [] + uploadMaxSize: 5 + additionalEnvs: [] + +roundcubeNetwork: + webPort: 31007 + +roundcubeStorage: + html: + type: ixVolume + ixVolumeConfig: + datasetName: html + config: + type: ixVolume + ixVolumeConfig: + datasetName: config + temps: + type: ixVolume + ixVolumeConfig: + datasetName: temps + pgData: + type: ixVolume + ixVolumeConfig: + datasetName: pgData + pgBackup: + type: ixVolume + ixVolumeConfig: + datasetName: pgBackup + additionalStorages: [] + +notes: + custom: | + ## Database + You can connect to the database using the pgAdmin App from the catalog + +
+ Database Details + + - Database: `roundcube` + - Username: `roundcube` + - Password: `{{ .Values.roundcubeDbPass }}` + - Host: `{{ .Values.roundcubeDbHost }}.{{ .Release.Namespace }}.svc.cluster.local` + - Port: `5432` + +
+ {{- $_ := unset .Values "roundcubeDbPass" }} + {{- $_ := unset .Values "roundcubeDbHost" }}