Secrets for James Helm template
Helm James has many secret values to configure before being able to use
it correctly. Those secrets are linked to the template through their
declaration in james-secrets.yaml
. A sample with dumb secrets can be
found in the secrets.sample.yaml
file.
This document presents a quick description of each secret field.
For more information about encrypt/descrypt secret with Helm, see: https://github.com/jkroepke/helm-secrets
James secret values
Field | Mandatory or optional | Description |
---|---|---|
jwtPublicKey |
Mandatory |
The JWT public key used for JWT tokens. |
jwtPrivateKey |
Mandatory |
The JWT private key used for JWT tokens. |
cassandraUser |
Mandatory |
The user for Cassandra access |
cassandraPassword |
Mandatory |
The password fort Cassandra access |
esUser |
Optional |
The user for Elasticsearch access |
esPassword |
Optional |
The password for Elasticsearch access |
dkimPrivateKey |
Optional |
The private key for the generated DKIM |
s3.endpoint |
Mandatory |
The S3 endpoint. ie: http://s3-us-east-1.amazonaws.com |
s3.region |
Mandatory |
The region of the S3 object storage. |
s3.accessKeyId |
Mandatory |
The access key to the S3 object storage |
s3.secretKey |
Mandatory |
The secret key to the S3 object storage |
s3.bucketNameSuffix |
Mandatory |
All buckets in S3 related to james storage start by ``james-''. This allows to have a suffix for each tenant |
jwtPublicKey
Use openssl
to generate self-signed certificate and convert to Java
Key Store JKS. You can find an example
here
DKIM
To generate DKIM, you can follow our guide: howTo Dkim