Ronni Baslund
88ac5e620c
ci / changes (push) Successful in 4s
ci / tc_portal (push) Has been skipped
ci / tc_operator (push) Has been skipped
ci / tc_website (push) Has been skipped
ci / tc_booking (push) Has been skipped
ci / tc_platform_api (push) Successful in 21s
ci / build_portal (push) Has been skipped
ci / build_booking (push) Has been skipped
ci / build_operator (push) Has been skipped
ci / test_platform_api (push) Successful in 33s
ci / build_platform_api (push) Successful in 19s
ci / deploy (push) Failing after 9s
Outlook autodiscovers via POST https://autodiscover.<domain>/autodiscover/ autodiscover.xml and Thunderbird via autoconfig.<domain>/mail/ config-v1.1.xml — Stalwart serves both (verified, answers carry mail.dezky.eu:993/465) but its HTTP listener wasn't reachable from outside (the node's :443 is Traefik's). New exact-path-only Ingress routes JUST those discovery endpoints to host-Stalwart via a selectorless Service + Endpoints on the cni0 gateway; the admin/management surface stays internal, and there's no HTTPS-redirect middleware because Thunderbird probes plain HTTP and Outlook POSTs. Domains page now also lists the autoconfig/autodiscover CNAMEs under the autodiscovery slot (CNAME verified against the mail host; a bare A record warns instead of failing). Customer-domain autodiscovery (per-domain certs + automated Ingress) is a follow-up.
16 lines
473 B
YAML
16 lines
473 B
YAML
# Kustomization for the dezky application tier. Real Secrets are applied
|
|
# out-of-band (sealed-secrets / SOPS), so secrets.example.yaml is intentionally
|
|
# NOT listed here — it is a template only.
|
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
|
kind: Kustomization
|
|
namespace: dezky-apps
|
|
resources:
|
|
- namespace.yaml
|
|
- redirect-middleware.yaml
|
|
- mail-autodiscovery.yaml
|
|
- platform-api-config.yaml
|
|
- platform-api.yaml
|
|
- portal.yaml
|
|
- booking.yaml
|
|
- operator.yaml
|