roundcube_enabled: true roundcube_publish: false roundcube_chart_ref: "ghp/roundcube" roundcube_use_external_db: true roundcube_short_name: "webmail" roundcube_default_values: env: - name: ROUNDCUBEMAIL_DB_TYPE value: "pgsql" - name: ROUNDCUBEMAIL_DB_HOST value: "{{ postgres_db_team | default(namespace) }}-postgres.{{ postgres_db_namespace | default(namespace) }}.svc.cluster.local" - name: ROUNDCUBEMAIL_DB_USER value: "{{ roundcube_db_username }}" - name: ROUNDCUBEMAIL_DB_PASSWORD value: "{{ roundcube_db_password }}" - name: ROUNDCUBEMAIL_DB_NAME value: roundcube - name: ROUNDCUREMAIL_IMAP_HOST value: "ssl://{{ mail_short_name | default('mail') }}.{{ domain }}:993" - name: ROUNDCUBEMAIL_DEFAULT_HOST value: "ssl://{{ mail_short_name | default('mail') }}.{{ domain }}" - name: ROUNDCUBEMAIL_DEFAULT_PORT value: "993" - name: ROUNDCUBEMAIL_SMTP_HOST value: "ssl://{{ mail_short_name | default('mail') }}.{{ domain }}:465" - name: ROUNDCUBEMAIL_SMTP_SERVER value: "ssl://{{ mail_short_name | default('mail') }}.{{ domain }}" - name: ROUNDCUBEMAIL_SMTP_PORT value: "465" - name: ROUNDCUBEMAIL_SKIN value: elastic - name: ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE value: "25M" - name: ROUNDCUBEMAIL_PLUGINS value: "archive,zipdownload,managesieve" ingress: enabled: true className: "{{ external_ingress_class if roundcube_publish else internal_ingress_class }}" annotations: cert-manager.io/cluster-issuer: "letsencrypt-prod" kubernetes.io/tls-acme: "true" nginx.ingress.kubernetes.io/proxy-body-size: "0" nginx.ingress.kubernetes.io/proxy-read-timeout: "600" nginx.ingress.kubernetes.io/proxy-send-timeout: "600" hosts: - host: "{{ roundcube_short_name }}.{{ domain }}" paths: - path: / pathType: ImplementationSpecific tls: - secretName: "{{ roundcube_short_name }}.{{ domain }}-tls" hosts: - "{{ roundcube_short_name }}.{{ domain }}" persistence: enabled: true storageClass: "{{ roundcube_storage | default('nfs-hdd') }}" accessMode: "{{ roundcube_storage_mode | default('ReadWriteMany') }}" size: "{{ roundcube_size | default('8Gi') }}" configs: myconfig.inc.php: | array('verify_peer' => false, 'verify_peer_name' => false, 'allow_self_signed' => true) ); // Enables separate management interface for vacation responses (out-of-office) // 0 - no separate section (default), // 1 - add Vacation section, // 2 - add Vacation section, but hide Filters section $config['managesieve_vacation'] = 1; $config['imap_conn_options'] = array( 'ssl' => array( 'verify_peer' => false, 'allow_self_signed' => true, 'ciphers' => 'TLSv1.3+HIGH:!aNull:@STRENGTH', ), ); // For STARTTLS SMTP $config['smtp_conn_options'] = array( 'ssl' => array( 'verify_peer' => false, 'allow_self_signed' => true, 'ciphers' => 'TLSv1.3+HIGH:!aNull:@STRENGTH', ), ); ?>