fix: right-size service memory after PVE RAM upgrade (142→272GB)

- MySQL InnoDB: 2Gi/4Gi → 3Gi/6Gi (was at 97% of limit) - Redis HAProxy: 16Mi/16Mi → 32Mi/64Mi (OOMKilled) - Plotting-book: 64Mi/64Mi → 128Mi/256Mi (OOMKilled) - Tandoor: 256Mi/256Mi → 384Mi/512Mi (60 OOM restarts), re-enabled - Navidrome: 128Mi/128Mi → 256Mi/384Mi - Matrix: add explicit 256Mi/512Mi resources - Trading-bot workers: 64Mi/64Mi → 128Mi/256Mi, re-enabled - Tier 3-edge defaults: 96Mi/192Mi → 128Mi/256Mi - Fallback tier defaults: 128Mi/128Mi → 128Mi/192Mi, max 2→4Gi - Mailserver: disable rspamd-redis, fix Roundcube IPv6/IMAP, bump dovecot connections
2026-04-05 23:02:50 +03:00 · 2026-04-05 23:02:50 +03:00 · 4da8f0242f
commit 4da8f0242f
parent 825adc4a67
10 changed files with 113 additions and 98 deletions
--- a/stacks/mailserver/modules/mailserver/main.tf
+++ b/stacks/mailserver/modules/mailserver/main.tf
@ -116,6 +116,10 @@ resource "kubernetes_config_map" "mailserver_config" {
        }
    }
    EOF
+    # Increase max IMAP connections per user+IP - all Roundcube connections come from same pod IP
+    "dovecot.cf" = <<-EOF
+    mail_max_userip_connections = 50
+    EOF
    fail2ban_conf       = <<-EOF
    [DEFAULT]

@ -286,12 +290,12 @@ resource "kubernetes_deployment" "mailserver" {
            sub_path   = "fetchmail.cf"
            read_only  = true
          }
-          # volume_mount {
-          #   name       = "config"
-          #   mount_path = "/tmp/docker-mailserver/dovecot.cf"
-          #   sub_path   = "dovecot.cf"
-          #   read_only  = true
-          # }
+          volume_mount {
+            name       = "config"
+            mount_path = "/tmp/docker-mailserver/dovecot.cf"
+            sub_path   = "dovecot.cf"
+            read_only  = true
+          }
          # volume_mount {
          #   name       = "user-patches"
          #   mount_path = "/tmp/user-patches.sh"