mirror of
https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git
synced 2025-12-08 08:21:40 +01:00
fix(dovecot): Enable shared mailboxes
This commit is contained in:
Thomas Kaltenbrunner
@@ -27,15 +27,8 @@ dovecot:
|
|||||||
password:
|
password:
|
||||||
value: {{ .Values.secrets.cassandra.dovecotDictmapUser | quote }}
|
value: {{ .Values.secrets.cassandra.dovecotDictmapUser | quote }}
|
||||||
keyspace: {{ .Values.databases.dovecotDictmap.name | quote }}
|
keyspace: {{ .Values.databases.dovecotDictmap.name | quote }}
|
||||||
sharedMailboxes:
|
|
||||||
enabled: false
|
|
||||||
host: {{ .Values.databases.dovecotACL.host | quote }}
|
|
||||||
port: {{ .Values.databases.dovecotACL.port }}
|
|
||||||
username: {{ .Values.databases.dovecotACL.username | quote }}
|
|
||||||
password:
|
|
||||||
value: {{ .Values.secrets.cassandra.dovecotACLUser | quote }}
|
|
||||||
keyspace: {{ .Values.databases.dovecotACL.name | quote }}
|
|
||||||
objectStorage:
|
objectStorage:
|
||||||
|
bucket: {{ .Values.objectstores.dovecot.bucket | quote }}
|
||||||
encryption:
|
encryption:
|
||||||
privateKey:
|
privateKey:
|
||||||
value: {{ env "DOVECOT_CRYPT_PRIVATE_KEY" | quote }}
|
value: {{ env "DOVECOT_CRYPT_PRIVATE_KEY" | quote }}
|
||||||
|
|||||||
@@ -49,6 +49,15 @@ dovecot:
|
|||||||
introspectionPath: "/realms/{{ .Values.platform.realm }}/protocol/openid-connect/token/introspect"
|
introspectionPath: "/realms/{{ .Values.platform.realm }}/protocol/openid-connect/token/introspect"
|
||||||
usernameAttribute: "opendesk_username"
|
usernameAttribute: "opendesk_username"
|
||||||
loginTrustedNetworks: {{ join " " .Values.cluster.networking.cidr | quote }}
|
loginTrustedNetworks: {{ join " " .Values.cluster.networking.cidr | quote }}
|
||||||
|
sharedMailboxes:
|
||||||
|
type: "postgresql"
|
||||||
|
enabled: true
|
||||||
|
host: {{ .Values.databases.dovecotACL.host | quote }}
|
||||||
|
port: {{ .Values.databases.dovecotACL.port }}
|
||||||
|
username: {{ .Values.databases.dovecotACL.username | quote }}
|
||||||
|
password:
|
||||||
|
value: {{ .Values.secrets.postgresql.dovecotACLUser | quote }}
|
||||||
|
database: {{ .Values.databases.dovecotACL.name | quote }}
|
||||||
submission:
|
submission:
|
||||||
enabled: true
|
enabled: true
|
||||||
ssl: "no"
|
ssl: "no"
|
||||||
|
|||||||
@@ -43,10 +43,6 @@ initDB:
|
|||||||
CREATE ROLE IF NOT EXISTS {{ .Values.databases.dovecotDictmap.username | quote }};
|
CREATE ROLE IF NOT EXISTS {{ .Values.databases.dovecotDictmap.username | quote }};
|
||||||
ALTER ROLE {{ .Values.databases.dovecotDictmap.username | quote }} WITH PASSWORD = {{ regexReplaceAll "'" .Values.secrets.cassandra.dovecotDictmapUser "''" | squote }} AND LOGIN = true;
|
ALTER ROLE {{ .Values.databases.dovecotDictmap.username | quote }} WITH PASSWORD = {{ regexReplaceAll "'" .Values.secrets.cassandra.dovecotDictmapUser "''" | squote }} AND LOGIN = true;
|
||||||
GRANT ALL ON KEYSPACE {{ .Values.databases.dovecotDictmap.name | quote }} TO {{ .Values.databases.dovecotDictmap.username | quote }};
|
GRANT ALL ON KEYSPACE {{ .Values.databases.dovecotDictmap.name | quote }} TO {{ .Values.databases.dovecotDictmap.username | quote }};
|
||||||
CREATE KEYSPACE IF NOT EXISTS {{ .Values.databases.dovecotACL.name | quote }} WITH REPLICATION = { 'class' : 'SimpleStrategy', 'replication_factor' : 1 };
|
|
||||||
CREATE ROLE IF NOT EXISTS {{ .Values.databases.dovecotACL.username | quote }};
|
|
||||||
ALTER ROLE {{ .Values.databases.dovecotACL.username | quote }} WITH PASSWORD = {{ regexReplaceAll "'" .Values.secrets.cassandra.dovecotACLUser "''" | squote }} AND LOGIN = true;
|
|
||||||
GRANT ALL ON KEYSPACE {{ .Values.databases.dovecotACL.name | quote }} TO {{ .Values.databases.dovecotACL.username | quote }};
|
|
||||||
|
|
||||||
# Will print a warning if unset but is automatically calculated:
|
# Will print a warning if unset but is automatically calculated:
|
||||||
jvm:
|
jvm:
|
||||||
|
|||||||
@@ -48,6 +48,9 @@ image:
|
|||||||
|
|
||||||
job:
|
job:
|
||||||
users:
|
users:
|
||||||
|
- username: {{ .Values.databases.dovecotACL.username | quote }}
|
||||||
|
password: {{ .Values.secrets.postgresql.dovecotACLUser | quote }}
|
||||||
|
connectionLimit: {{ .Values.databases.dovecotACL.connectionLimit | default .Values.databases.defaults.userConnectionLimit }}
|
||||||
- username: {{ .Values.databases.keycloak.username | quote }}
|
- username: {{ .Values.databases.keycloak.username | quote }}
|
||||||
password: {{ .Values.secrets.postgresql.keycloakUser | quote }}
|
password: {{ .Values.secrets.postgresql.keycloakUser | quote }}
|
||||||
connectionLimit: {{ .Values.databases.keycloak.connectionLimit | default .Values.databases.defaults.userConnectionLimit }}
|
connectionLimit: {{ .Values.databases.keycloak.connectionLimit | default .Values.databases.defaults.userConnectionLimit }}
|
||||||
@@ -83,6 +86,8 @@ job:
|
|||||||
connectionLimit: {{ .Values.databases.xwiki.connectionLimit | default .Values.databases.defaults.userConnectionLimit }}
|
connectionLimit: {{ .Values.databases.xwiki.connectionLimit | default .Values.databases.defaults.userConnectionLimit }}
|
||||||
{{ end }}
|
{{ end }}
|
||||||
databases:
|
databases:
|
||||||
|
- name: {{ .Values.databases.dovecotACL.name | quote }}
|
||||||
|
user: {{ .Values.databases.dovecotACL.username | quote }}
|
||||||
- name: {{ .Values.databases.keycloak.name | quote }}
|
- name: {{ .Values.databases.keycloak.name | quote }}
|
||||||
user: {{ .Values.databases.keycloak.username | quote }}
|
user: {{ .Values.databases.keycloak.username | quote }}
|
||||||
- name: {{ .Values.databases.keycloakExtension.name | quote }}
|
- name: {{ .Values.databases.keycloakExtension.name | quote }}
|
||||||
|
|||||||
@@ -6,7 +6,7 @@ charts:
|
|||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "zendis/opendesk-enterprise/components/product-development/charts/opendesk-dovecot-pro"
|
repository: "zendis/opendesk-enterprise/components/product-development/charts/opendesk-dovecot-pro"
|
||||||
name: "dovecot"
|
name: "dovecot"
|
||||||
version: "3.0.0" ## DO NOT FORGET TO UPDATE AND TEST ALSO THE EE CHART
|
version: "3.0.0-tkaltenbrunner-fix-postgresacl"
|
||||||
verify: true
|
verify: true
|
||||||
oxAppSuite:
|
oxAppSuite:
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
|
|||||||
@@ -17,5 +17,5 @@ images:
|
|||||||
openxchangeCoreMW:
|
openxchangeCoreMW:
|
||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "zendis/opendesk-enterprise/components/supplier/open-xchange/images-mirror/middleware-public-sector-pro"
|
repository: "zendis/opendesk-enterprise/components/supplier/open-xchange/images-mirror/middleware-public-sector-pro"
|
||||||
tag: "8.35.85@sha256:54d01a16ea29a3ae8f1857e5bdf6d2e34046b8a3fa3d6179bb3ad3d047e1318f"
|
tag: "8.37.62@sha256:750bb22a12646e4f3df01de9d438617c53d0996407ba11924167102cd84c4660"
|
||||||
...
|
...
|
||||||
|
|||||||
@@ -99,7 +99,7 @@ charts:
|
|||||||
registry: "registry.opencode.de"
|
registry: "registry.opencode.de"
|
||||||
repository: "bmi/opendesk/components/platform-development/charts/opendesk-dovecot"
|
repository: "bmi/opendesk/components/platform-development/charts/opendesk-dovecot"
|
||||||
name: "dovecot"
|
name: "dovecot"
|
||||||
version: "3.1.0-feat-dovecot-config"
|
version: "3.1.0-tkaltenbrunner-fix-dovecot-acls"
|
||||||
verify: true
|
verify: true
|
||||||
element:
|
element:
|
||||||
# providerCategory: "Platform"
|
# providerCategory: "Platform"
|
||||||
|
|||||||
@@ -15,10 +15,10 @@ databases:
|
|||||||
password: ""
|
password: ""
|
||||||
connectionLimit: ~
|
connectionLimit: ~
|
||||||
dovecotACL:
|
dovecotACL:
|
||||||
type: "cassandra"
|
type: "postgresql"
|
||||||
name: "dovecot_acl"
|
name: "dovecot_acl"
|
||||||
host: "cassandra"
|
host: "postgresql"
|
||||||
port: 9042
|
port: 5432
|
||||||
username: "dovecot_acl_user"
|
username: "dovecot_acl_user"
|
||||||
password: ""
|
password: ""
|
||||||
connectionLimit: ~
|
connectionLimit: ~
|
||||||
|
|||||||
@@ -8,7 +8,6 @@ secrets:
|
|||||||
cassandra:
|
cassandra:
|
||||||
rootPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "cassandra" "root_password" | sha1sum | quote }}
|
rootPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "cassandra" "root_password" | sha1sum | quote }}
|
||||||
dovecotDictmapUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "cassandra" "dovecot_dictmap_user" | sha1sum | quote }}
|
dovecotDictmapUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "cassandra" "dovecot_dictmap_user" | sha1sum | quote }}
|
||||||
dovecotACLUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "cassandra" "dovecot_acl_user" | sha1sum | quote }}
|
|
||||||
oxAppSuite:
|
oxAppSuite:
|
||||||
adminPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "admin_password" | sha1sum | quote }}
|
adminPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "admin_password" | sha1sum | quote }}
|
||||||
basicAuthPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "basic_auth_password" | sha1sum | quote }}
|
basicAuthPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "ox_appsuite" "basic_auth_password" | sha1sum | quote }}
|
||||||
@@ -59,6 +58,7 @@ secrets:
|
|||||||
natsAdminPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "admin" "nats" | sha1sum | quote }}
|
natsAdminPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "admin" "nats" | sha1sum | quote }}
|
||||||
postgresql:
|
postgresql:
|
||||||
postgresUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "postgres_user" | sha1sum | quote }}
|
postgresUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "postgres_user" | sha1sum | quote }}
|
||||||
|
dovecotACLUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "cassandra" "dovecot_acl_user" | sha1sum | quote }}
|
||||||
keycloakUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "keycloak_user" | sha1sum | quote }}
|
keycloakUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "keycloak_user" | sha1sum | quote }}
|
||||||
keycloakExtensionUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "keycloak_extensions_user" | sha1sum | quote }}
|
keycloakExtensionUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "keycloak_extensions_user" | sha1sum | quote }}
|
||||||
matrixUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "matrix_user" | sha1sum | quote }}
|
matrixUser: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "postgres" "matrix_user" | sha1sum | quote }}
|
||||||
|
|||||||
Reference in New Issue
Block a user