ansible/roles/roundcube/defaults/main.yaml
2021-02-12 17:06:25 +03:00

86 lines
3.3 KiB
YAML

roundcube_enabled: true
roundcube_publish: false
roundcube_use_external_db: true
roundcube_short_name: "webmail"
roundcube_default_values:
env:
- name: ROUNDCUBEMAIL_DB_TYPE
value: "pgsql"
- name: ROUNDCUBEMAIL_DB_HOST
value: "{{ postgres_db_team | default(namespace) }}-postgres.{{ postgres_db_namespace | default(namespace) }}.svc.cluster.local"
- name: ROUNDCUBEMAIL_DB_USER
value: "{{ roundcube_db_username }}"
- name: ROUNDCUBEMAIL_DB_PASSWORD
value: "{{ roundcube_db_password }}"
- name: ROUNDCUBEMAIL_DB_NAME
value: roundcube
- name: ROUNDCUBEMAIL_DEFAULT_HOST
value: "ssl://{{ mail_short_name | default('mail') }}.{{ domain }}"
- name: ROUNDCUBEMAIL_DEFAULT_PORT
value: "993"
- name: ROUNDCUBEMAIL_SMTP_SERVER
value: "ssl://{{ mail_short_name | default('mail') }}.{{ domain }}"
- name: ROUNDCUBEMAIL_SMTP_PORT
value: "465"
- name: ROUNDCUBEMAIL_SKIN
value: elastic
- name: ROUNDCUBEMAIL_UPLOAD_MAX_FILESIZE
value: "25M"
- name: ROUNDCUBEMAIL_PLUGINS
value: "archive,zipdownload,managesieve"
ingress:
enabled: true
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
kubernetes.io/ingress.class: "{{ external_ingress_class if roundcube_publish else internal_ingress_class }}"
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/proxy-body-size: "0"
nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
path: /
hosts:
- "{{ roundcube_short_name }}.{{ domain }}"
tls:
- secretName: "{{ roundcube_short_name }}.{{ domain }}-tls"
hosts:
- "{{ roundcube_short_name }}.{{ domain }}"
persistence:
enabled: true
storageClass: "{{ roundcube_storage | default('nfs-hdd') }}"
accessMode: "{{ roundcube_storage_mode | default('ReadWriteMany') }}"
size: "{{ roundcube_size | default('8Gi') }}"
configs:
myconfig.inc.php: |
<?php
$config['mail_domain'] = '%d';
$config['username_domain'] = '%d';
$config['managesieve_port'] = '4190';
$config['managesieve_host'] = 'ssl://{{ dovecot_short_name | default("dovecot") }}.{{ namespace }}.svc.cluster.local';
$config['managesieve_usetls'] = false;
$config['managesieve_debug'] = true;
$config['managesieve_conn_options'] = array(
'ssl' => array('verify_peer' => false, 'verify_peer_name' => false, 'allow_self_signed' => true)
);
// Enables separate management interface for vacation responses (out-of-office)
// 0 - no separate section (default),
// 1 - add Vacation section,
// 2 - add Vacation section, but hide Filters section
$config['managesieve_vacation'] = 1;
$config['imap_conn_options'] = array(
'ssl' => array(
'verify_peer' => false,
'allow_self_signed' => true,
'ciphers' => 'TLSv1.2+HIGH:!aNull:@STRENGTH',
),
);
// For STARTTLS SMTP
$config['smtp_conn_options'] = array(
'ssl' => array(
'verify_peer' => false,
'allow_self_signed' => true,
'ciphers' => 'TLSv1.2+HIGH:!aNull:@STRENGTH',
),
);
?>