First draft

README.md

@@ -0,0 +1,3 @@
+# Podman Quadlet Collection
+
+This repository contains a collection of services, modelled as podman quadlets.

addy-db.volume

@@ -0,0 +1,5 @@
+[Unit]
+Description=Addy.io Database Volume
+
+[Volume]
+VolumeName=addy-db-volume

addy.kube

@@ -0,0 +1,18 @@
+[Unit]
+Description=Addy Mail Service (Pod)
+After=network-online.target
+Requires=addy-db.volume
+After=addy-db.volume
+
+[Kube]
+Yaml=addy.yml
+AutoUpdate=registry
+
+UserNS=keep-id:uid=1000,gid=1000
+ConfigMap=config.map
+
+PublishPort=2525:25
+PublishPort=8000:8000
+
+[Service]
+Restart=always

addy.yml

@@ -0,0 +1,67 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: addy
+spec:
+  restartPolicy: Always
+  containers:
+    - name: addy-db
+      image: mariadb:12
+      args:
+        - "mariadbd"
+        - "--character-set-server=utf8mb4"
+        - "--collation-server=utf8mb4_unicode_ci"
+      env:
+        - name: MARIADB_RANDOM_ROOT_PASSWORD
+          value: "yes"
+        - name: MYSQL_DATABASE
+          value: "anonaddy_db"
+        - name: MYSQL_USER
+          value: "addy_user"
+        - name: MYSQL_PASSWORD
+          value: "secure_password"
+      volumeMounts:
+        - mountPath: /var/lib/mysql
+          name: addy-db-volume
+
+    # --- Redis Service ---
+    - name: addy-redis
+      image: redis:8-alpine
+
+    # --- Addy Application ---
+    - name: addy-app
+      image: anonaddy/anonaddy:latest
+      ports:
+        - containerPort: 25
+          hostPort: 2525
+          protocol: TCP
+        - containerPort: 8000
+          hostPort: 8000
+          protocol: TCP
+      env:
+        # Internal Networking uses localhost inside a Pod
+        - name: DB_HOST
+          value: "127.0.0.1"
+        - name: REDIS_HOST
+          value: "127.0.0.1"
+
+          
+        - name: DB_DATABASE
+          value: "anonaddy_db"
+        - name: DB_USERNAME
+          value: "addy_user"
+        - name: DB_PASSWORD
+          value: "secure_password"
+      volumeMounts:
+        - mountPath: /data
+          name: data-volume
+
+  # --- Volume Definitions ---
+  volumes:
+    - name: addy-db-volume
+      persistentVolumeClaim:
+        claimName: addy-db-volume
+    - name: data-volume
+      hostPath:
+        path: /opt/addy/data
+        type: Directory

config.map

@@ -0,0 +1,34 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: addy-config
+data:
+  TZ: "Europe/Berlin"
+  PUID: "1000"
+  PGID: "1000"
+  MEMORY_LIMIT: "256M"
+  UPLOAD_MAX_SIZE: "16M"
+  OPCACHE_MEM_SIZE: "128"
+  REAL_IP_FROM: "0.0.0.0/32"
+  REAL_IP_HEADER: "X-Forwarded-For"
+  LOG_IP_VAR: "remote_addr"
+  APP_DEBUG: "false"
+  APP_URL: "http://127.0.0.1:8000"
+  ANONADDY_RETURN_PATH: "bounces@example.com"
+  ANONADDY_ADMIN_USERNAME: "addy"
+  ANONADDY_ENABLE_REGISTRATION: "true"
+  ANONADDY_DOMAIN: "example.com"
+  ANONADDY_ALL_DOMAINS: "example.com"
+  ANONADDY_HOSTNAME: "mail.example.com"
+  ANONADDY_DNS_RESOLVER: "127.0.0.1"
+  ANONADDY_SECRET: ""
+  ANONADDY_LIMIT: "200"
+  ANONADDY_BANDWIDTH_LIMIT: "104857600"
+  ANONADDY_NEW_ALIAS_LIMIT: "10"
+  ANONADDY_ADDITIONAL_USERNAME_LIMIT: "3"
+  MAIL_FROM_NAME: "addy.io"
+  MAIL_FROM_ADDRESS: "addy@example.com"
+  POSTFIX_DEBUG: "false"
+  POSTFIX_SMTPD_TLS: "false"
+  POSTFIX_SMTP_TLS: "false"
+  MYSQL_DATABASE: "anonaddy

secrets.yml

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: addy.io-secrets
+type: Opaque
+data:
+  db-pass: c3VwZXItc2VjcmV0LWRiLXBhc3M=
+  api-token: bXktYXBpLXRva2VuLTEyMw==
+  addy-secret: replace-me
+  app-key: ""