makeplane · mguptahub · May 22, 2025 · Apr 30, 2025 · Apr 30, 2025 · May 21, 2025
diff --git a/charts/plane-enterprise/Chart.yaml b/charts/plane-enterprise/Chart.yaml
@@ -5,7 +5,7 @@ description: Meet Plane. An Enterprise software development tool to manage issue
 
 type: application
 
-version: 1.2.2
+version: 1.2.3
 appVersion: "1.9.2"
 
 home: https://plane.so/

diff --git a/charts/plane-enterprise/questions.yml b/charts/plane-enterprise/questions.yml
@@ -60,9 +60,15 @@ questions:
     required: true
     default: "artifacts.plane.so/makeplane/backend-commercial"
     description: "Used by API, Worker, Beat-Worker"
+  - variable: services.email_service.image
+    label: Email Service Docker Image
+    type: string
+    required: true
+    default: "artifacts.plane.so/makeplane/email-commercial"
   - variable: env.storageClass
     label: "Storage Class for Persistent Volume Claims"
     type: storageclass
+
 
 - variable: license.licenseServer
   label: "License Server"
@@ -423,6 +429,52 @@ questions:
     type: string
     default: 500m
 
+- variable: services.email_service.enabled
+  label: "Enable Email Service"
+  type: boolean
+  default: false
+  group: "Email Service Setup"
+  show_subquestion_if: true
+  subquestions:
+  - variable: services.email_service.replicas
+    label: "Default Replica Count"
+    type: int
+    default: 1
+  - variable: services.email_service.memory_limit
+    label: "Memory Limit"
+    type: string
+    default: 1000Mi
+  - variable: services.email_service.cpu_limit
+    label: "CPU Limit"
+    type: string
+    default: 500m
+  - variable: env.email_service_envs.smtp_domain
+    label: "SMTP Domain"
+    type: string
+    default: ""
+  - variable: ssl.issuer
+    label: "SSL Issuer"
+    type: enum
+    options:
+    - "http"
+    - "cloudflare"
+    - "digitalocean"
+    default: "http"
+  - variable: ssl.server
+    label: "Let's Encrypt Server URL"
+    type: string
+    default: "https://acme-v02.services.api.letsencrypt.org/directory"
+  - variable: ssl.email
+    label: "Let's Encrypt Reg. Email"
+    type: string
+    default: "plane@example.com"
+  - variable: ssl.token
+    label: "Provider API Token"
+    type: password
+    default: ""
+    description: "Not required for 'http' issuer"
+    show_if: "ssl.issuer=cloudflare || ssl.issuer=digitalocean"
+
 - variable: services.redis.local_setup
   label: "Install Redis"
   type: boolean

diff --git a/charts/plane-enterprise/templates/certs/email-certs.yaml b/charts/plane-enterprise/templates/certs/email-certs.yaml
@@ -0,0 +1,15 @@
+{{- if and .Values.services.email_service.enabled .Values.env.email_service_envs.smtp_domain }}
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ .Release.Name }}-mail-tls-cert
+  namespace: {{ .Release.Namespace }}
+spec:
+  dnsNames:
+  - {{ .Values.env.email_service_envs.smtp_domain | quote }}
+
+  issuerRef:
+    name: {{ .Release.Name }}-cert-issuer
+  secretName: {{ .Release.Name }}-mail-tls-secret
+--- 
+{{- end }}
diff --git a/charts/plane-enterprise/templates/config-secrets/email-env.yaml b/charts/plane-enterprise/templates/config-secrets/email-env.yaml
@@ -0,0 +1,22 @@
+{{- if .Values.services.email_service.enabled }}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Release.Name }}-email-vars
+  namespace: {{ .Release.Namespace }}
+data:
+  SMTP_DOMAIN: {{ .Values.env.email_service_envs.smtp_domain | default "" | quote }}
+  EMAIL_SAVE_ENDPOINT: "http://{{ .Release.Name }}-api.{{ .Release.Namespace }}.svc.cluster.local:8000/intake/email/" 
+  WEBHOOK_URL: "http://{{ .Release.Name }}-api.{{ .Release.Namespace }}.svc.cluster.local:8000/intake/email/"
+  domain-blacklist.txt: |
+    10minutemail.com
+    10minutemail.net
+    10minutemail.org
+  spam.txt: |
+    casino
+    lottery
+    jackpot
+
+---
+{{- end }}
diff --git a/charts/plane-enterprise/templates/workloads/email.deployment.yaml b/charts/plane-enterprise/templates/workloads/email.deployment.yaml
@@ -0,0 +1,102 @@
+{{- if .Values.services.email_service.enabled }}
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Release.Name }}-email-service
+  namespace: {{ .Release.Namespace }}
+spec:
+  type: LoadBalancer
+  externalTrafficPolicy: Local  # Important for email servers
+  selector:
+    app.name: {{ .Release.Namespace }}-{{ .Release.Name }}-email-app
+  ports:
+  - name: smtp
+    port: 25
+    targetPort: 10025
+    protocol: TCP
+  - name: smtps
+    port: 465
+    targetPort: 10465
+    protocol: TCP
+  - name: submission
+    port: 587
+    targetPort: 10587
+    protocol: TCP
+---
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Release.Name }}-email-app
+  namespace: {{ .Release.Namespace }}
+  annotations:
+    reloader.stakater.com/auto: "true"
+spec:
+  replicas: {{ .Values.services.email_service.replicas | default 1 }}
+  selector:
+    matchLabels:
+      app.name: {{ .Release.Namespace }}-{{ .Release.Name }}-email-app
+  template:
+    metadata:
+      namespace: {{ .Release.Namespace }}
+      labels:
+       app.name: {{ .Release.Namespace }}-{{ .Release.Name }}-email-app 
+      annotations:  
+        timestamp: {{ now | quote }}
+    spec:
+      containers:
+      - name: {{ .Release.Name }}-email-app
+        image: {{ .Values.services.email_service.image | default "artifacts.plane.so/makeplane/email-commercial" }}:{{ .Values.planeVersion }}
+        securityContext:
+          runAsUser: 100
+        stdin: true
+        tty: true
+        readinessProbe:
+          exec:
+            command:
+            - nc
+            - -zv
+            - localhost
+            - "10025"
+          initialDelaySeconds: 30
+          periodSeconds: 10
+          timeoutSeconds: 5
+          failureThreshold: 3
+        resources:
+          requests:
+            memory: "50Mi"
+            cpu: "50m"
+          limits:
+            memory: {{ .Values.services.email_service.memory_limit  | default "1000Mi" | quote }}
+            cpu: {{ .Values.services.email_service.cpu_limit | default "500m" | quote}}
+        envFrom:
+          - configMapRef:
+              name: {{ .Release.Name }}-email-vars
+              optional: false
+        volumeMounts:
+          - name: tls-cert
+            mountPath: /opt/email/keys
+          - name: spam-blacklist
+            mountPath: /opt/email/spam.txt
+            subPath: spam.txt
+          - name: spam-blacklist
+            mountPath: /opt/email/domain-blacklist.txt
+            subPath: domain-blacklist.txt
+      volumes:
+        - name: spam-blacklist
+          configMap:
+            name: {{ .Release.Name }}-email-vars
+        - name: tls-cert
+          secret:
+            secretName: {{ .Release.Name }}-mail-tls-secret
+            items:
+            - key: tls.crt
+              path: cert.pem
+            - key: tls.key
+              path: key.pem
+            optional: false
+      serviceAccount: {{ .Release.Name }}-srv-account
+      serviceAccountName: {{ .Release.Name }}-srv-account
+---
+{{- end }}
diff --git a/charts/plane-enterprise/values.yaml b/charts/plane-enterprise/values.yaml
@@ -151,6 +151,13 @@ services:
         client_id: ''
         client_secret: ''
 
+  email_service:
+    enabled: false
+    replicas: 1
+    memory_limit: 1000Mi
+    cpu_limit: 500m
+    image: artifacts.plane.so/makeplane/email-commercial
+
 external_secrets:
   # Name of the existing Kubernetes Secret resource; see README for more details
   rabbitmq_existingSecret: ''
@@ -206,3 +213,6 @@ env:
     hmac_secret_key: ''
     aes_secret_key: 'dsOdt7YrvxsTIFJ37pOaEVvLxN8KGBCr'
     cors_allowed_origins: ''
+
+  email_service_envs:
+    smtp_domain: ''