Intiall Postfix setup :/

helmfile.d/postfix.yaml.gotmpl

@@ -0,0 +1,43 @@
+bases:
+ - ../envs/environments.yaml.gotmpl
+
+repositories:
+- name: postfix
+  url: https://bokysan.github.io/docker-postfix
+
+commonLabels:
+  tier: system
+
+releases:
+- name: postfix
+  namespace: postfix
+  chart: postfix/mail
+  version: 5.1.0
+  condition: postfix.enabled
+  values:
+  - ../values/postfix/values/values.yaml
+  - ../values/postfix/values/values-{{ .Environment.Name }}.yaml
+  postRenderer: ../bin/kustomizer
+  postRendererArgs:
+  - ../values/postfix/kustomize/{{ .Environment.Name }}
+  missingFileHandler: Info
+- name: manifests
+  namespace: postfix
+  chart: manifests
+  condition: postfix.enabled
+  missingFileHandler: Info
+  values:
+  - ../values/env.yaml
+  - ../values/env-{{ requiredEnv "ARGOCD_ENV_CLUSTER_NAME" }}.yaml
+  - ../values/postfix/env.yaml.gotmpl
+  - ../values/postfix/env-{{ requiredEnv "ARGOCD_ENV_CLUSTER_NAME" }}.yaml.gotmpl
+  hooks:
+  - events: [ prepare, cleanup ]
+    showlogs: true
+    command: ../bin/helmify
+    args:
+    - '{{`{{ if eq .Event.Name "prepare" }}build{{ else }}clean{{ end }}`}}'
+    - '{{`{{ .Release.Chart }}`}}'
+    - '{{`{{ .Environment.Name }}`}}'
+    - ../values/postfix/manifests
+    - manifests

shell.nix

@@ -46,7 +46,7 @@ pkgs.mkShellNoCC {
     ++ checks.enabledPackages;
 
   # Environment variables
-  ARGOCD_ENV_CLUSTER_NAME = "hel1";
+  ARGOCD_ENV_CLUSTER_NAME = "ekman";
   HELM_GIT_ACCESS_TOKEN = "glpat-xxx";
 
   shellHook = builtins.concatStringsSep "\n" [

values/kueue/values/values.yaml

@@ -13,7 +13,7 @@ controllerManager:
           - batch/job
           - jobset.x-k8s.io/jobset
       internalCertManagement:
-        enable: true
+        enable: false
 enableCertManager: false
 enablePrometheus: true
 metrics:

values/postfix/env-hel1.yaml.gotmpl

@@ -0,0 +1,2 @@
+postfix:
+  enabled: true

values/postfix/env.yaml.gotmpl

@@ -0,0 +1,4 @@
+postfix:
+  enabled: false
+  autosync: {{ if eq .Environment.Name "prod" }} false {{ else }} true {{ end }}
+  env: {{ .Environment.Name }}

values/postfix/postfix.yaml

@@ -0,0 +1,42 @@
+{{- if .Values.clusterConfig.argo.enabled }}
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: postfix
+  namespace: argocd
+  annotations:
+    argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+  finalizers:
+  - resources-finalizer.argocd.argoproj.io
+spec:
+  destination:
+    namespace: postfix
+    server: https://kubernetes.default.svc
+  project: sys
+  sources:
+  - repoURL: {{ .Values.clusterConfig.manifests }}
+    targetRevision: HEAD
+    path: helmfile.d
+    plugin:
+      name: helmfile-cmp
+      env:
+      - name: CLUSTER_NAME
+        value: {{ .Values.clusterConfig.cluster }}
+      - name: HELMFILE_ENVIRONMENT
+        value: {{ .Values.postfix.env }}
+      - name: HELMFILE_FILE_PATH
+        value: postfix.yaml.gotmpl
+  syncPolicy:
+    managedNamespaceMetadata:
+      labels:
+        component: sys
+    syncOptions:
+      - CreateNamespace=true
+      - ApplyOutOfSyncOnly=true
+      # - ServerSideApply=true
+    {{- if .Values.postfix.autosync }}
+    automated:
+      prune: true
+      # selfHeal: false
+    {{- end }}
+{{- end }}

values/postfix/values/values.yaml

@@ -0,0 +1,14 @@
+config:
+  general:
+    ALLOWED_SENDER_DOMAINS: "oceanbox.io"
+    DKIM_SELECTOR: "mail"
+    RELAYHOST: "smtp.office365.com:587"
+    RELAYHOST_USERNAME: "noreply@oceanbox.io"
+    POSTFIX_smtp_tls_security_level: "encrypt"
+    POSTFIX_myhostname: "oceanbox.io"
+    POSTFIX_mynetworks: "127.0.0.0/8, 10.1.0.0/24, ::1"
+    XOAUTH2_CLIENT_ID: "00c73c4a-1ad5-477d-b773-d5d63986061e"
+    XOAUTH2_SECRET: "00c73c4a-1ad5-477d-b773-d5d63986061e"
+    ALLOW_EMPTY_SENDER_DOMAINS: "true"
+    XOAUTH2_INITIAL_ACCESS_TOKEN: "<put_your_acess_token>"
+    XOAUTH2_INITIAL_REFRESH_TOKEN: "<put_your_refresh_token>"