From 6409eab04d4e8e948a2ae60dbba9ae5ab19ed3f0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Huss?= <sebastien.huss@gmail.com>
Date: Sat, 12 Aug 2023 13:01:12 +0200
Subject: [PATCH] fix

---
 share/wildduck/haraka.tf  | 73 +++++++++++++++++++++++++++++++++++++--
 share/wildduck/index.yaml | 60 ++++++++++++++++----------------
 2 files changed, 101 insertions(+), 32 deletions(-)

diff --git a/share/wildduck/haraka.tf b/share/wildduck/haraka.tf
index 23da30d..cf3d910 100644
--- a/share/wildduck/haraka.tf
+++ b/share/wildduck/haraka.tf
@@ -35,7 +35,7 @@ resource "kubectl_manifest" "haraka_deploy" {
             imagePullPolicy: "${var.images.haraka.pullPolicy}"
             ports:
             - name: smtp
-              containerPort: 25
+              containerPort: 2500
               protocol: TCP
             livenessProbe:
               tcpSocket:
@@ -118,8 +118,77 @@ resource "kubectl_manifest" "haraka_config" {
         positive = +
         negative = -
         neutral = /'
+      smtp.ini: |-
+        ; address to listen on (default: all IPv6 and IPv4 addresses, port 25)
+        ; use "[::0]:25" to listen on IPv6 and IPv4 (not all OSes)
+        ;listen=[::0]:2500
+
+        ; Note you can listen on multiple IPs/ports using commas:
+        ;listen=127.0.0.1:2529,127.0.0.2:2529,127.0.0.3:2530
+
+        ; public IP address (default: none)
+        ; If your machine is behind a NAT, some plugins (SPF, GeoIP) gain features
+        ; if they know the servers public IP. If 'stun' is installed, Haraka will
+        ; try to figure it out. If that doesn't work, set it here.
+        ;public_ip=N.N.N.N
+
+        ; Time in seconds to let sockets be idle with no activity
+        ;inactivity_timeout=300
+
+        ; Drop privileges to this user/group
+        ;user=smtp
+        ;group=smtp
+
+        ; Don't stop Haraka if plugins fail to compile
+        ;ignore_bad_plugins=0
+
+        ; Run using cluster to fork multiple backend processes
+        ;nodes=cpus
+
+        ; Daemonize
+        ;daemonize=true
+        ;daemon_log_file=/var/log/haraka.log
+        ;daemon_pid_file=/var/run/haraka.pid
+
+        ; Spooling
+        ; Save memory by spooling large messages to disk
+        ;spool_dir=/var/spool/haraka
+        ; Specify -1 to never spool to disk
+        ; Specify 0 to always spool to disk
+        ; Otherwise specify a size in bytes, once reached the
+        ; message will be spooled to disk to save memory.
+        ;spool_after=
+
+        ; Force Shutdown Timeout
+        ; - Haraka tries to close down gracefully, but if everything is shut down
+        ;   after this time it will hard close. 30s is usually long enough to
+        ;   wait for outbound connections to finish.
+        ;force_shutdown_timeout=30
+
+        ; SMTP service extensions: https://tools.ietf.org/html/rfc1869
+        ; strict_rfc1869 = false
+
+        ; Advertise support for SMTPTUF8 (RFC-6531)
+        ;smtputf8=true
+
+        [headers]
+        ;add_received=true
+        ;clean_auth_results=true
+
+        ; replace header_hide_version
+        ;show_version=true
+
+        ; replace max_header_lines
+        max_lines=1000
+
+        ; replace max_received_count
+        max_received=100
+      dkim_sign.ini: |-
+        disabled = true
+        selector = mail
+        domain = ${var.domain-name}
+        headers_to_sign = From, Sender, Reply-To, Subject, Date, Message-ID, To, Cc, MIME-Version
       wildduck.yaml: |-
-        ## Connect to a master instance or Redis
         redis:
             port: 6379
             host: "${var.instance}-${var.component}-redis.${var.namespace}.svc"
diff --git a/share/wildduck/index.yaml b/share/wildduck/index.yaml
index 2cccec7..7acdb54 100644
--- a/share/wildduck/index.yaml
+++ b/share/wildduck/index.yaml
@@ -6,6 +6,31 @@ metadata:
   name: wildduck
   description: null
 options:
+  domain-name:
+    default: your_company.com
+    examples:
+    - your_company.com
+    type: string
+  ingress-class:
+    default: traefik
+    examples:
+    - traefik
+    type: string
+  additional-domains:
+    default: []
+    items:
+      type: string
+    type: array
+  issuer:
+    default: letsencrypt-prod
+    examples:
+    - letsencrypt-prod
+    type: string
+  domain:
+    default: your-company
+    examples:
+    - your-company
+    type: string
   images:
     default:
       haraka:
@@ -169,16 +194,6 @@ options:
             type: string
         type: object
     type: object
-  additional-domains:
-    default: []
-    items:
-      type: string
-    type: array
-  issuer:
-    default: letsencrypt-prod
-    examples:
-    - letsencrypt-prod
-    type: string
   redis:
     default:
       exporter:
@@ -212,26 +227,6 @@ options:
         default: 2Gi
         type: string
     type: object
-  domain:
-    default: your-company
-    examples:
-    - your-company
-    type: string
-  ingress-class:
-    default: traefik
-    examples:
-    - traefik
-    type: string
-  sub-domain:
-    default: mail
-    examples:
-    - mail
-    type: string
-  domain-name:
-    default: your_company.com
-    examples:
-    - your_company.com
-    type: string
   backups:
     default:
       enable: false
@@ -262,6 +257,11 @@ options:
         default: backup-settings
         type: string
     type: object
+  sub-domain:
+    default: mail
+    examples:
+    - mail
+    type: string
 dependencies:
 - dist: null
   category: dbo