From da8de30b275674fa494071c5e6c5e805352f2b40 Mon Sep 17 00:00:00 2001
From: ace <ace@0xace.cc>
Date: Sun, 17 Jan 2021 04:14:26 +0300
Subject: [PATCH] update mail - migrate from opendkim and opendmarc to rspamd

---
 rspamd/Chart.yaml                | 24 +++++++-----------------
 rspamd/templates/configmap.yaml  | 21 +++++++++++++++++++++
 rspamd/templates/deployment.yaml | 30 ++++++++++++++++++++++++++++++
 rspamd/templates/service.yaml    | 12 ++++++++++++
 rspamd/values.yaml               | 22 +++++++++++++++++++++-
 5 files changed, 91 insertions(+), 18 deletions(-)

diff --git a/rspamd/Chart.yaml b/rspamd/Chart.yaml
index 3582a28..49154ba 100644
--- a/rspamd/Chart.yaml
+++ b/rspamd/Chart.yaml
@@ -1,21 +1,11 @@
 apiVersion: v2
 name: rspamd
 description: A Helm chart for Kubernetes
-
-# A chart can be either an 'application' or a 'library' chart.
-#
-# Application charts are a collection of templates that can be packaged into versioned archives
-# to be deployed.
-#
-# Library charts provide useful utilities or functions for the chart developer. They're included as
-# a dependency of application charts to inject those utilities and functions into the rendering
-# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+dependencies:
+- condition: redis.enabled
+  name: redis
+  repository: https://charts.bitnami.com/bitnami
+  version: 12.3.2
 type: application
-
-# This is the chart version. This version number should be incremented each time you make changes
-# to the chart and its templates, including the app version.
-version: 0.1.1
-
-# This is the version number of the application being deployed. This version number should be
-# incremented each time you make changes to the application.
-appVersion: 2.6
+version: 0.2.0
+appVersion: 2.7
diff --git a/rspamd/templates/configmap.yaml b/rspamd/templates/configmap.yaml
index ed97d53..6770c39 100644
--- a/rspamd/templates/configmap.yaml
+++ b/rspamd/templates/configmap.yaml
@@ -1 +1,22 @@
+{{- range $key, $val := (index .Values.rspamd "local.d") }}
 ---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: rspamd-{{ $key | replace "_" "-" | replace "." "-" }}
+data:
+{{ $key | indent 2 }}: |
+{{ $val | indent 4 }}
+{{- end }}
+
+{{- range $key, $val := (index .Values.rspamd "dkim-keys") }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: rspamd-dkim-{{ $key | replace "." "-" }}
+data:
+{{ $key | indent 2 }}: |
+{{ $val | indent 4 }}
+{{- end }}
+
diff --git a/rspamd/templates/deployment.yaml b/rspamd/templates/deployment.yaml
index 1856e41..41aa7a3 100644
--- a/rspamd/templates/deployment.yaml
+++ b/rspamd/templates/deployment.yaml
@@ -33,6 +33,26 @@ spec:
             - name: rspamd-proxy
               containerPort: 11332
               protocol: TCP
+            - name: rspamd-normal
+              containerPort: 11333
+              protocol: TCP
+            - name: rspamd-ctrl
+              containerPort: 11334
+              protocol: TCP
+            - name: rspamd-fuzzy
+              containerPort: 11335
+              protocol: TCP
+          volumeMounts:
+            {{- range $key, $val := (index .Values.rspamd "local.d") }}
+            - name: rspamd-{{ $key | replace "_" "-" | replace "." "-" }}
+              mountPath: "/etc/rspamd/local.d/{{ $key }}"
+              subPath: {{ $key }}
+            {{- end }}
+            {{- range $key, $val := (index .Values.rspamd "dkim-keys") }}
+            - name: rspamd-dkim-{{ $key | replace "." "-" }}
+              mountPath: "/var/lib/rspamd/dkim/{{ $key }}.key"
+              subPath: {{ $key }}
+            {{- end }}
       volumes:
       - name: data
         {{- if .Values.persistence.enabled }}
@@ -41,6 +61,16 @@ spec:
         {{- else }}
         emptyDir: {}
         {{- end }}
+      {{- range $key, $val := (index .Values.rspamd "local.d") }}
+      - name: rspamd-{{ $key | replace "_" "-" | replace "." "-" }}
+        configMap:
+          name: rspamd-{{ $key | replace "_" "-" | replace "." "-" }}
+      {{- end }}
+      {{- range $key, $val := (index .Values.rspamd "dkim-keys") }}
+      - name: rspamd-dkim-{{ $key | replace "." "-" }}
+        configMap:
+          name: rspamd-dkim-{{ $key | replace "." "-" }}
+      {{- end }}
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}
diff --git a/rspamd/templates/service.yaml b/rspamd/templates/service.yaml
index f9a2dee..74a35f5 100644
--- a/rspamd/templates/service.yaml
+++ b/rspamd/templates/service.yaml
@@ -11,5 +11,17 @@ spec:
       targetPort: 11332
       protocol: TCP
       name: rspamd-proxy
+    - port: 11333
+      targetPort: 11333
+      protocol: TCP
+      name: rspamd-normal
+    - port: 11334
+      targetPort: 11334
+      protocol: TCP
+      name: rspamd-ctrl
+    - port: 11335
+      targetPort: 11335
+      protocol: TCP
+      name: rspamd-fuzzy
   selector:
     {{- include "rspamd.selectorLabels" . | nindent 4 }}
diff --git a/rspamd/values.yaml b/rspamd/values.yaml
index 98bb339..dbf0401 100644
--- a/rspamd/values.yaml
+++ b/rspamd/values.yaml
@@ -10,8 +10,28 @@ persistence:
 rspamd:
   image:
     repository: registry.geekhome.org/rspamd
-    tag: 2.6
+    tag: 2.7
     pullPolicy: Always
+  local.d:
+    redis.conf: |
+      servers = "rspamd-redis-master";
+    worker-proxy.inc: |
+      bind_socket = "0.0.0.0:11332";
+    worker-normal.inc: |
+      bind_socket = "0.0.0.0:11333";
+    worker-controller.inc: |
+      bind_socket = "0.0.0.0:11334";
+    worker-fuzzy.inc: |
+      bind_socket = "0.0.0.0:11335";
+    logging.inc: |
+      type = "console";
+
+redis:
+  enabled: true
+  usePassword: false
+  password: ""
+  cluster:
+    enabled: false
 
 service:
   type: ClusterIP