Added: configmap + secrets

addy-data.volume

@@ -0,0 +1,5 @@
+[Unit]
+Description=Addy.io Data Volume
+
+[Volume]
+VolumeName=addy-data-volume

addy.kube

@@ -1,8 +1,10 @@
 [Unit]
 Description=Addy Mail Service (Pod)
-After=network-online.target
 Requires=addy-db.volume
+Requires=addy-data.volume
 After=addy-db.volume
+After=addy-data.volume
+After=network-online.target
 
 [Kube]
 Yaml=addy.yml

addy.yml

@@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Pod
 metadata:
-  name: addy
+  name: addy.io
 spec:
   restartPolicy: Always
   containers:
@@ -15,11 +15,20 @@ spec:
         - name: MARIADB_RANDOM_ROOT_PASSWORD
           value: "yes"
         - name: MYSQL_DATABASE
-          value: "anonaddy_db"
+          valueFrom:
+            configMapKeyRef:
+                name: addy.io-config-shared
+                key: DATABASE_NAME
         - name: MYSQL_USER
-          value: "addy_user"
+          valueFrom:
+            configMapKeyRef:
+                name: addy.io-config-shared
+                key: DATABASE_USER
         - name: MYSQL_PASSWORD
-          value: "secure_password"
+          valueFrom:
+              secretKeyRef:
+                name: addy.io-secrets
+                key: db-password
       volumeMounts:
         - mountPath: /var/lib/mysql
           name: addy-db-volume
@@ -38,30 +47,40 @@ spec:
         - containerPort: 8000
           hostPort: 8000
           protocol: TCP
+      envFrom:
+        - configMapRef:
+            name: addy.io-config
       env:
-        # Internal Networking uses localhost inside a Pod
         - name: DB_HOST
           value: "127.0.0.1"
         - name: REDIS_HOST
           value: "127.0.0.1"
-
-          
+        
+        # Database Configuration
         - name: DB_DATABASE
-          value: "anonaddy_db"
+          valueFrom:
+            configMapKeyRef:
+              name: addy.io-config-shared
+              key: DATABASE_NAME
         - name: DB_USERNAME
-          value: "addy_user"
+          valueFrom:
+            configMapKeyRef:
+              name: addy.io-config-shared
+              key: DATABASE_USER
         - name: DB_PASSWORD
-          value: "secure_password"
+          valueFrom:
+              secretKeyRef:
+                name: addy.io-secrets
+                key: db-password
       volumeMounts:
         - mountPath: /data
-          name: data-volume
+          name: addy-data-volume
 
   # --- Volume Definitions ---
   volumes:
     - name: addy-db-volume
       persistentVolumeClaim:
-        claimName: addy-db-volume
-    - name: data-volume
-      hostPath:
-        path: /opt/addy/data
-        type: Directory
+        claimName: addy.io-db
+    - name: addy-data-volume
+      persistentVolumeClaim:
+        claimName: addy.io-data

config.map

@@ -1,9 +1,19 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: addy-config
+  name: addy.io-config-shared
 data:
   TZ: "Europe/Berlin"
+  DATABASE_NAME: "anonaddy"
+  DATABASE_USER: "anonaddy_user"
+
+--- 
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: addy.io-config
+data:
   PUID: "1000"
   PGID: "1000"
   MEMORY_LIMIT: "256M"
@@ -21,14 +31,14 @@ data:
   ANONADDY_ALL_DOMAINS: "example.com"
   ANONADDY_HOSTNAME: "mail.example.com"
   ANONADDY_DNS_RESOLVER: "127.0.0.1"
-  ANONADDY_SECRET: ""
   ANONADDY_LIMIT: "200"
   ANONADDY_BANDWIDTH_LIMIT: "104857600"
   ANONADDY_NEW_ALIAS_LIMIT: "10"
   ANONADDY_ADDITIONAL_USERNAME_LIMIT: "3"
+  ANONADDY_DKIM_SIGNING_KEY: ""
+  ANONADDY_DKIM_SELECTOR: ""
   MAIL_FROM_NAME: "addy.io"
   MAIL_FROM_ADDRESS: "addy@example.com"
   POSTFIX_DEBUG: "false"
   POSTFIX_SMTPD_TLS: "false"
   POSTFIX_SMTP_TLS: "false"
-  MYSQL_DATABASE: "anonaddy

secrets.yml

@@ -4,7 +4,6 @@ metadata:
   name: addy.io-secrets
 type: Opaque
 data:
-  db-pass: c3VwZXItc2VjcmV0LWRiLXBhc3M=
-  api-token: bXktYXBpLXRva2VuLTEyMw==
-  addy-secret: replace-me
-  app-key: ""
+  db-password: c3VwZXItc2VjcmV0LWRiLXBhc3M=
+  addy-secret: replace-me-with-a-random-string
+  app-key: base64:CN/JeFqgUyUMUfwgqZDMjOldkBt0ye/HM9esIH7diPU=