sheppy/opendesk
1
0
Fork 0
mirror of https://gitlab.opencode.de/bmi/opendesk/deployment/opendesk.git synced 2025-12-08 00:11:38 +01:00
Code Issues Packages Projects Releases Wiki Activity

docs(dovecot): Add details about Dovecot Pro requirements

Browse Source
This commit is contained in:
Thorsten Roßner
2025-02-26 16:12:04 +01:00
parent 52b0b13e6b
commit e46c3759e0
3 changed files with 119 additions and 92 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
README-EE.md
View File

@@ -44,6 +44,10 @@ To enable the oD EE deployment you must set the environment variable `OPENDESK_E
OPENDESK_ENTERPRISE=true
```
> **Note**
> Upgrading from oD CE to EE is currently not supported, especially due to the fact it requires a migration
> from Dovecot 2.x (standard storage) to Dovecot Pro 3.x (S3).
# Configuring the oD EE deployment for self-hosted installations
## Registry access

176
docs/external-services.md
View File

@@ -22,85 +22,99 @@ service.
> **Note**<br>
> openDesk supports PostgreSQL as alternative database backend for Nextcloud and XWiki. PostgreSQL is likely become the preferred option/default in the future and MariaDB might be deprecated at a later point requiring migrations[^1] if you do not select PostgreSQL for new installations.
| Component | Name | Parameter | Key | Default |
| ---------------- | ------------------ | --------- | --------------------------------------------- | ---------------------------- |
| Element | Synapse | | | |
| | | Type | `databases.synapse.type` | `postgresql` |
| | | Name | `databases.synapse.name` | `matrix` |
| | | Host | `databases.synapse.host` | `postgresql` |
| | | Port | `databases.synapse.port` | `5432` |
| | | Username | `databases.synapse.username` | `matrix_user` |
| | | Password | `databases.synapse.password` | |
| Nubus | Guardian Mgmt API | | | |
| | | Type | `databases.umsGuardianManagementApi.type` | `postgresql` |
| | | Name | `databases.umsGuardianManagementApi.name` | `guardianmanagementapi` |
| | | Host | `databases.umsGuardianManagementApi.host` | `postgresql` |
| | | Port | `databases.umsGuardianManagementApi.port` | `5432` |
| | | Username | `databases.umsGuardianManagementApi.username` | `guardianmanagementapi_user` |
| | | Password | `databases.umsGuardianManagementApi.password` | |
| | Keycloak | | | |
| | | Type | `databases.keycloak.type` | `postgresql` |
| | | Name | `databases.keycloak.name` | `keycloak` |
| | | Host | `databases.keycloak.host` | `postgresql` |
| | | Port | `databases.keycloak.port` | `5432` |
| | | Username | `databases.keycloak.username` | `keycloak_user` |
| | | Password | `databases.keycloak.password` | |
| | Keycloak Extension | | | |
| | | Type | `databases.keycloakExtension.type` | `postgresql` |
| | | Name | `databases.keycloakExtension.name` | `keycloak_extensions` |
| | | Host | `databases.keycloakExtension.host` | `postgresql` |
| | | Port | `databases.keycloakExtension.port` | `5432` |
| | | Username | `databases.keycloakExtension.username` | `keycloak_extensions_user` |
| | | Password | `databases.keycloakExtension.password` | |
| | Notifications API | | | |
| | | Type | `databases.umsNotificationsApi.type` | `postgresql` |
| | | Name | `databases.umsNotificationsApi.name` | `notificationsapi` |
| | | Host | `databases.umsNotificationsApi.host` | `postgresql` |
| | | Port | `databases.umsNotificationsApi.port` | `5432` |
| | | Username | `databases.umsNotificationsApi.username` | `notificationsapi_user` |
| | | Password | `databases.umsNotificationsApi.password` | |
| | Self Service | | | |
| | | Type | `databases.umsSelfservice.type` | `postgresql` |
| | | Name | `databases.umsSelfservice.name` | `selfservice` |
| | | Host | `databases.umsSelfservice.host` | `postgresql` |
| | | Port | `databases.umsSelfservice.port` | `5432` |
| | | Username | `databases.umsSelfservice.username` | `selfservice_user` |
| | | Password | `databases.umsSelfservice.password` | |
| Nextcloud | Nextcloud | | | |
| | | Type | `databases.nextcloud.type` | `mariadb` |
| | | Name | `databases.nextcloud.name` | `nextcloud` |
| | | Host | `databases.nextcloud.host` | `mariadb` |
| | | Port | `databases.nextcloud.port` | `3306` |
| | | Username | `databases.nextcloud.username` | `nextcloud_user` |
| | | Password | `databases.nextcloud.password` | |
| Notes | Notes | | | |
| | | Type | `databases.notes.type` | `postgresql` |
| | | Name | `databases.notes.name` | `notes` |
| | | Host | `databases.notes.host` | `postgresql` |
| | | Port | `databases.notes.port` | `5432` |
| | | Username | `databases.notes.username` | `notes_user` |
| | | Password | `databases.notes.password` | |
| OpenProject | OpenProject | | | |
| | | Type | `databases.openproject.type` | `postgresql` |
| | | Name | `databases.openproject.name` | `openproject` |
| | | Host | `databases.openproject.host` | `postgresql` |
| | | Port | `databases.openproject.port` | `5432` |
| | | Username | `databases.openproject.username` | `openproject_user` |
| | | Password | `databases.openproject.password` | |
| OX App Suite[^2] | OX App Suite | | | |
| | | Type | `databases.oxAppSuite.type` | `mariadb` |
| | | Name | `databases.oxAppSuite.name` | `openxchange` |
| | | Host | `databases.oxAppSuite.host` | `mariadb` |
| | | Port | `databases.oxAppSuite.port` | `3306` |
| | | Username | `databases.oxAppSuite.username` | `root` |
| | | Password | `databases.oxAppSuite.password` | |
| XWiki[^3] | XWiki | | | |
| | | Type | `databases.xwiki.type` | `mariadb` |
| | | Name | `databases.xwiki.name` | `xwiki` |
| | | Host | `databases.xwiki.host` | `mariadb` |
| | | Port | `databases.xwiki.port` | `3306` |
| | | Username | `databases.xwiki.username` | `root` |
| | | Password | `databases.xwiki.password` | |
| Component | Name | Parameter | Key | Default |
| ------------------ | ------------------ | --------- | --------------------------------------------- | ---------------------------- |
| Element | Synapse | | | |
| | | Type | `databases.synapse.type` | `postgresql` |
| | | Name | `databases.synapse.name` | `matrix` |
| | | Host | `databases.synapse.host` | `postgresql` |
| | | Port | `databases.synapse.port` | `5432` |
| | | Username | `databases.synapse.username` | `matrix_user` |
| | | Password | `databases.synapse.password` | |
| Nubus | Guardian Mgmt API | | | |
| | | Type | `databases.umsGuardianManagementApi.type` | `postgresql` |
| | | Name | `databases.umsGuardianManagementApi.name` | `guardianmanagementapi` |
| | | Host | `databases.umsGuardianManagementApi.host` | `postgresql` |
| | | Port | `databases.umsGuardianManagementApi.port` | `5432` |
| | | Username | `databases.umsGuardianManagementApi.username` | `guardianmanagementapi_user` |
| | | Password | `databases.umsGuardianManagementApi.password` | |
| | Keycloak | | | |
| | | Type | `databases.keycloak.type` | `postgresql` |
| | | Name | `databases.keycloak.name` | `keycloak` |
| | | Host | `databases.keycloak.host` | `postgresql` |
| | | Port | `databases.keycloak.port` | `5432` |
| | | Username | `databases.keycloak.username` | `keycloak_user` |
| | | Password | `databases.keycloak.password` | |
| | Keycloak Extension | | | |
| | | Type | `databases.keycloakExtension.type` | `postgresql` |
| | | Name | `databases.keycloakExtension.name` | `keycloak_extensions` |
| | | Host | `databases.keycloakExtension.host` | `postgresql` |
| | | Port | `databases.keycloakExtension.port` | `5432` |
| | | Username | `databases.keycloakExtension.username` | `keycloak_extensions_user` |
| | | Password | `databases.keycloakExtension.password` | |
| | Notifications API | | | |
| | | Type | `databases.umsNotificationsApi.type` | `postgresql` |
| | | Name | `databases.umsNotificationsApi.name` | `notificationsapi` |
| | | Host | `databases.umsNotificationsApi.host` | `postgresql` |
| | | Port | `databases.umsNotificationsApi.port` | `5432` |
| | | Username | `databases.umsNotificationsApi.username` | `notificationsapi_user` |
| | | Password | `databases.umsNotificationsApi.password` | |
| | Self Service | | | |
| | | Type | `databases.umsSelfservice.type` | `postgresql` |
| | | Name | `databases.umsSelfservice.name` | `selfservice` |
| | | Host | `databases.umsSelfservice.host` | `postgresql` |
| | | Port | `databases.umsSelfservice.port` | `5432` |
| | | Username | `databases.umsSelfservice.username` | `selfservice_user` |
| | | Password | `databases.umsSelfservice.password` | |
| Nextcloud | Nextcloud | | | |
| | | Type | `databases.nextcloud.type` | `mariadb` |
| | | Name | `databases.nextcloud.name` | `nextcloud` |
| | | Host | `databases.nextcloud.host` | `mariadb` |
| | | Port | `databases.nextcloud.port` | `3306` |
| | | Username | `databases.nextcloud.username` | `nextcloud_user` |
| | | Password | `databases.nextcloud.password` | |
| Notes | Notes | | | |
| | | Type | `databases.notes.type` | `postgresql` |
| | | Name | `databases.notes.name` | `notes` |
| | | Host | `databases.notes.host` | `postgresql` |
| | | Port | `databases.notes.port` | `5432` |
| | | Username | `databases.notes.username` | `notes_user` |
| | | Password | `databases.notes.password` | |
| OpenProject | OpenProject | | | |
| | | Type | `databases.openproject.type` | `postgresql` |
| | | Name | `databases.openproject.name` | `openproject` |
| | | Host | `databases.openproject.host` | `postgresql` |
| | | Port | `databases.openproject.port` | `5432` |
| | | Username | `databases.openproject.username` | `openproject_user` |
| | | Password | `databases.openproject.password` | |
| OX App Suite[^2] | OX App Suite | | | |
| | | Type | `databases.oxAppSuite.type` | `mariadb` |
| | | Name | `databases.oxAppSuite.name` | `openxchange` |
| | | Host | `databases.oxAppSuite.host` | `mariadb` |
| | | Port | `databases.oxAppSuite.port` | `3306` |
| | | Username | `databases.oxAppSuite.username` | `root` |
| | | Password | `databases.oxAppSuite.password` | |
| OX Dovecot Pro[^3] | ACLs | | | |
| | | Type | `databases.dovecotACL.type` | `cassandra` |
| | | Name | `databases.dovecotACL.name` | `dovecot_acl` |
| | | Host | `databases.dovecotACL.host` | `cassandra` |
| | | Port | `databases.dovecotACL.port` | `9042` |
| | | Username | `databases.dovecotACL.username` | `dovecot_acl_user` |
| | | Password | `databases.dovecotACL.password` | |
| | Dictmap | | | |
| | | Type | `databases.dovecotDictmap.type` | `cassandra` |
| | | Name | `databases.dovecotDictmap.name` | `dovecot_dictmap` |
| | | Host | `databases.dovecotDictmap.host` | `cassandra` |
| | | Port | `databases.dovecotDictmap.port` | `9042` |
| | | Username | `databases.dovecotDictmap.username` | `dovecot_dictmap_user` |
| | | Password | `databases.dovecotDictmap.password` | |
| XWiki[^4] | XWiki | | | |
| | | Type | `databases.xwiki.type` | `mariadb` |
| | | Name | `databases.xwiki.name` | `xwiki` |
| | | Host | `databases.xwiki.host` | `mariadb` |
| | | Port | `databases.xwiki.port` | `3306` |
| | | Username | `databases.xwiki.username` | `root` |
| | | Password | `databases.xwiki.password` | |
# Object storage
@@ -149,4 +163,6 @@ service.
[^2] OX App Suite only supports MariaDB and requires root access, as it manages its databases itself.
[^3] XWiki requires root access when using MariaDB as sub-wikis are using separate databases that are managed by XWiki. When using PostgreSQL with XWiki no root user is required as the sub-wikis are managed within multiple schemes within a single database.
[^3] openDesk Enterprise only.
[^4] XWiki requires root access when using MariaDB as sub-wikis are using separate databases that are managed by XWiki. When using PostgreSQL with XWiki no root user is required as the sub-wikis are managed within multiple schemes within a single database.

31
docs/requirements.md
View File

@@ -16,6 +16,7 @@ This section covers the internal system requirements and external service requir
* [Certificate management](#certificate-management)
* [External services](#external-services)
* [Deployment](#deployment)
* [Footnotes](#footnotes)
<!-- TOC -->
# tl;dr
@@ -31,6 +32,7 @@ openDesk is a Kubernetes-only solution and requires an existing Kubernetes (K8s)
- [HelmDiff](https://github.com/databus23/helm-diff) >= 3.6.0
- Volume provisioner supporting RWO (read-write-once)
- Certificate handling with [cert-manager](https://cert-manager.io/)
- [OpenKruise](https://openkruise.io/)[^1] >= 1.6
# Hardware
@@ -85,19 +87,20 @@ For the development and evaluation of openDesk, we bundle some services. Be awar
deployments, you need to make use of your own production-grade services; see the
[external-services.md](./external-services.md) for configuration details.
| Group    | Type                | Version | Tested against        |
| Group | Type | Version | Tested against |
| -------- | ------------------- | ------- | --------------------- |
| Cache    | Memcached           | `1.6.x` | Memcached             |
|          | Redis               | `7.x.x` | Redis                 |
| Database | MariaDB             | `10.x` | MariaDB               |
|          | PostgreSQL          | `15.x` | PostgreSQL            |
| Mail     | Mail Transfer Agent |         | Postfix               |
|          | PKI/CI (S/MIME)     |         |                       |
| Security | AntiVirus/ICAP      |         | ClamAV                |
| Storage  | K8s ReadWriteOnce   |         | Ceph / Cloud specific |
|          | K8s ReadWriteMany   |         | Ceph / NFS            |
|          | Object Storage      |         | MinIO                 |
| Voice    | TURN                |         | Coturn                |
| Cache | Memcached | `1.6.x` | Memcached |
| | Redis | `7.x.x` | Redis |
| Database | Cassandra[^1] | `5.0.x` | Cassandra |
| | MariaDB | `10.x` | MariaDB |
| | PostgreSQL | `15.x` | PostgreSQL |
| Mail | Mail Transfer Agent | | Postfix |
| | PKI/CI (S/MIME) | | |
| Security | AntiVirus/ICAP | | ClamAV |
| Storage | K8s ReadWriteOnce | | Ceph / Cloud specific |
| | K8s ReadWriteMany | | Ceph / NFS |
| | Object Storage | | MinIO |
| Voice | TURN | | Coturn |
# Deployment
@@ -105,3 +108,7 @@ The deployment of each component is [Helm](https://helm.sh/) based. The 35+ Helm
templated via [Helmfile](https://helmfile.readthedocs.io/en/latest/) to provide a streamlined deployment experience.
Helmfile requires [HelmDiff](https://github.com/databus23/helm-diff) to compare the desired against the deployed state.
# Footnotes
[^1]: Required for Dovecot Pro as part of openDesk Enterprise Edition.