add truenas to mail user and move fail2ban logs to stdout as var/log doesnt work for some reason [ci skip]

modules/kubernetes/mailserver/main.tf

@@ -78,6 +78,12 @@ resource "kubernetes_config_map" "mailserver_config" {
     SigningTable  = "*@viktorbarzin.me mail._domainkey.viktorbarzin.me\n"
     TrustedHosts  = "127.0.0.1\nlocalhost\n"
     "sasl_passwd" = var.sasl_passwd
+    fail2ban_conf = <<-EOF
+    [DEFAULT]
+
+    #logtarget = /var/log/fail2ban.log
+    logtarget = SYSOUT
+    EOF
   }
   # Password hashes are different each time and avoid changing secret constantly. 
   # Either 1.Create consistent hashes or 2.Find a way to ignore_changes on per password
@@ -272,6 +278,12 @@ resource "kubernetes_deployment" "mailserver" {
             sub_path   = "sasl_passwd"
             read_only  = true
           }
+          volume_mount {
+            name       = "config"
+            mount_path = "/etc/fail2ban/fail2ban.local"
+            sub_path   = "fail2ban_conf"
+            read_only  = true
+          }
           port {
             name           = "smtp"
             container_port = 25

modules/kubernetes/mailserver/variables.tf

@@ -8,6 +8,9 @@ smtp_sasl_password_maps = hash:/etc/postfix/sasl/passwd
 smtp_sasl_security_options = noanonymous
 smtp_sasl_tls_security_options = noanonymous
 smtp_tls_security_level = encrypt
+smtpd_tls_cert_file=/tmp/ssl/tls.crt
+smtpd_tls_key_file=/tmp/ssl/tls.key
+smtpd_use_tls=yes
 header_size_limit = 4096000
 
 # Debug mail tls