Set up an email server in Kubernetes
https://www.godaddy.com/garage/configuring-dns-for-email-a-quick-beginners-guide/
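# Render the DKIM key directory as a manifest without touching the cluster.
# The output embeds the DKIM private signing key, so it is written under a
# restrictive umask; keep the resulting file out of version control.
# `--dry-run=client` replaces the deprecated bare `--dry-run` flag (older
# kubectl releases only accept the bare form).
# NOTE(review): `kubectl create secret generic` takes the same --from-file
# argument and is the better home for private key material.
(umask 077 && kubectl create configmap mydomain-dkim-keys --from-file=opendkim-keys/mydomain.com/ --dry-run=client -o yaml > mydomain-dkim-keys.yml)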
K8s resources:
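---
# Postfix relay with OpenDKIM signing, run as a single-replica Deployment.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: postfix
  labels:
    system: postfix
spec:
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: postfix
  template:
    metadata:
      labels:
        app: postfix
    spec:
      restartPolicy: Always
      containers:
        - name: postfix
          # https://github.com/wader/postfix-relay
          # NOTE(review): `:latest` together with `IfNotPresent` means each
          # node runs whichever build it happened to cache. Pin a version
          # tag or an image digest so the relay is reproducible and a
          # changed upstream image cannot roll out unnoticed.
          image: mwader/postfix-relay:latest
          imagePullPolicy: IfNotPresent
          env:
            # Presumably the image maps POSTFIX_<name> onto the postfix
            # parameter <name>; confirm against the image documentation.
            - name: POSTFIX_myhostname
              value: 'mydomain.com'
            # Kubernetes only expands `$(VAR)`, so `$myhostname` reaches the
            # container literally.
            - name: POSTFIX_mydestination
              value: '$myhostname,localhost'
            - name: POSTFIX_myorigin
              value: '$myhostname'
            - name: OPENDKIM_DOMAINS
              value: 'mydomain.com'
          # Copy the mounted keys to a writable location, then hand over to
          # the image's own entry script.
          command:
            - sh
            - '-c'
            - cp -r /keys /etc/opendkim/ && /root/run
          ports:
            - name: smtp
              containerPort: 25
              protocol: TCP
          resources:
            requests:
              cpu: 100m
              memory: 50Mi
            limits:
              cpu: 200m
              memory: 100Mi
          volumeMounts:
            # since the configmap is mounted as readonly, and the container
            # does some chown'ing and chmod'ing on startup, we mount a
            # different directory and copy upon startup (see container's
            # `command` above).
            - name: mydomain-dkim-keys
              mountPath: /keys/mydomain.com
      volumes:
        # NOTE(review): this volume carries the DKIM private signing key.
        # A ConfigMap is not meant for confidential data; prefer a
        # `kind: Secret` mounted through `secret.secretName`. Secret volumes
        # are read-only as well, so the copy-on-start step stays the same.
        # The referenced object must exist under exactly this name in the
        # pod's namespace, otherwise the pod cannot mount the volume.
        - name: mydomain-dkim-keys
          configMap:
            name: mydomain-dkim-keys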
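---
# Cluster-internal SMTP endpoint in front of the postfix pods.
# No `type` is set, so this is a ClusterIP Service: every workload that can
# reach the cluster network can submit mail to port 25.
# NOTE(review): add a NetworkPolicy if only specific pods or namespaces
# should be allowed to relay, and do not switch this to NodePort or
# LoadBalancer without relay restrictions in postfix itself.
apiVersion: v1
kind: Service
metadata:
  name: postfix
spec:
  selector:
    app: postfix
  ports:
    - name: smtp
      port: 25
      # Refers to the container port named `smtp`, not to a number.
      targetPort: smtp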
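---
# DKIM key pair for mydomain.com, as generated by the `kubectl create
# configmap ... --from-file` command.
# The name is `mydomain-dkim-keys` because that is the object the postfix
# Deployment's volume references; under any other name the pod cannot
# mount it.
# NOTE(review): `mail.private` is the DKIM signing key. Anyone who may read
# ConfigMaps in this namespace can read it and sign mail as the domain.
# Store it in a `kind: Secret` with narrow RBAC instead, and never commit
# the real key body to version control.
apiVersion: v1
kind: ConfigMap
metadata:
  name: mydomain-dkim-keys
data:
  mail.private: |
    -----BEGIN RSA PRIVATE KEY-----
    <PLACEHOLDER: base64 body of the DKIM private key; never commit the real key>
    -----END RSA PRIVATE KEY-----
  # Public half: the TXT record to publish in DNS for selector `mail`.
  mail.txt:
    "mail._domainkey.mydomain.com.\tIN\tTXT\t( \"v=DKIM1; h=sha256; k=rsa;
    \"\n\t \"p=...\"
    ) ; ----- DKIM key mail for mydomain.com\n"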