feat(nubus): Add self-signed certificate from secret

docs/enhanced-configuration/self-signed-certificates.md

@@ -58,7 +58,7 @@ please ensure that `openssl` is installed on your system.
 
 3. Generate the Java keystore (JKS) file `truststore.jks` with the CA certficiate (requires the Java SDK):
     ```/bin/bash
-    $ export TRUSTSTORE_PASSWORD="passwordForTruststore.jks"
+    $ export TRUSTSTORE_PASSWORD="changeit"
     $ keytool -import -file ca-cert.crt -keystore truststore.jks -storepass "$TRUSTSTORE_PASSWORD"
     Owner: O=Internet Widgits Pty Ltd, ST=Some-State, C=DE
     Issuer: O=Internet Widgits Pty Ltd, ST=Some-State, C=DE

helmfile/apps/nubus/values-nubus.yaml.gotmpl

@@ -4,6 +4,12 @@
 additionalAnnotations:
   {{ .Values.annotations.nubus.additional | toYaml | nindent 2 }}
 
+# -- Disable the cert-manager resources from the Helm chart if certificates are deactivated
+{{- if not .Values.apps.certificates.enabled }}
+certificates:
+  enabled: false
+{{- end }}
+
 global:
   certManagerIssuer: {{ .Values.certificate.issuerRef.name | quote }}
   domain: {{ .Values.global.domain | quote }}
@@ -1521,6 +1527,12 @@ nubusUmcServer:
   smtp:
     auth:
       password: {{ .Values.secrets.postfix.opendeskSystemPassword | quote }}
+{{- if .Values.certificate.selfSigned }}
+  extraVolumes:
+    - name: "certificates"
+      secret:
+        secretName: "opendesk-certificates-tls"
+{{- end }}
 
 nubusUmcGateway:
   containerSecurityContext: