commit 122d5e586491e23b844bd610ae3f4cbc5857b5fa
author Piotr Dobrowolski <informatic@hackerspace.pl> Fri Sep 10 23:54:34 2021 +0200
committer informatic <informatic@hackerspace.pl> Wed Sep 15 21:12:34 2021 +0000
tree a39e475b063a7ad8870c039973e6f7936d5a2986
parent 0e6c6720d96a818aedafe27eebb7246fb8da011e

app/matrix: matrix-media-repo RGW-based media storage

Change-Id: I459bd78eee52fd349a16f31a48346d3258ef50a4
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1081
Reviewed-by: q3k <q3k@hackerspace.pl>

app/matrix/lib/media-repo.libsonnet

diff --git a/app/matrix/lib/media-repo.libsonnet b/app/matrix/lib/media-repo.libsonnet
new file mode 100644
index 0000000..338dc78
--- /dev/null
+++ b/app/matrix/lib/media-repo.libsonnet
@@ -0,0 +1,97 @@
+local kube = import "../../../kube/kube.libsonnet";
+
+{
+    local app = self,
+    local cfg = app.cfg,
+    cfg:: {
+        image: error "cfg.image needs to be set",
+
+        homeservers: [],
+        admins: [],
+
+        s3: {
+            endpoint: error "cfg.s3.endpoint needs to be set",
+            accessKey: error "cfg.s3.accessKey needs to be set",
+            secretKey: error "cfg.s3.secretKey needs to be set",
+            bucketName: error "cfg.s3.bucketName needs to be set",
+            region: error "cfg.s3.region needs to be set",
+        },
+
+        db: {
+            username: error "cfg.db.username needs to be set",
+            password: error "cfg.db.password needs to be set",
+            database: error "cfg.db.database needs to be set",
+            host: error "cfg.db.host needs to be set",
+        },
+    },
+
+    ns:: error "ns needs to be a kube.Namespace object",
+
+    config:: {
+        repo: {
+            bindAddress: "0.0.0.0",
+            port: 8000,
+        },
+        database: {
+            postgres: "postgres://%s:%s@%s/%s?sslmode=disable" % [cfg.db.username, cfg.db.password, cfg.db.host, cfg.db.database],
+        },
+        homeservers: cfg.homeservers,
+        admins: cfg.admins,
+        datastores: [
+            {
+                type: "s3",
+                enabled: true,
+                forKinds: ["all"],
+                opts: {
+                    tempPath: "/tmp/mediarepo_s3_upload",
+                    endpoint: cfg.s3.endpoint,
+                    accessKeyId: cfg.s3.accessKey,
+                    accessSecret: cfg.s3.secretKey,
+                    ssl: false,
+                    bucketName: cfg.s3.bucketName,
+                    region: cfg.s3.region,
+                },
+            }
+        ],
+    },
+
+    configSecret: app.ns.Contain(kube.Secret("media-repo-config")) {
+        data_: {
+            "config.yaml": std.manifestJsonEx(app.config, ""),
+        },
+    },
+
+    deployment: app.ns.Contain(kube.Deployment("media-repo")) {
+        spec+: {
+            replicas: 1,
+            template+: {
+                spec+: {
+                    volumes_: {
+                        config: kube.SecretVolume(app.configSecret),
+                        tempdir: kube.EmptyDirVolume(),
+                    },
+                    containers_: {
+                        repo: kube.Container("media-repo") {
+                            image: cfg.image,
+                            command: ["/usr/local/bin/media_repo"],
+                            ports_: {
+                                http: { containerPort: 8000 },
+                            },
+                            env_: {
+                                REPO_CONFIG: "/config",
+                            },
+                            volumeMounts_: {
+                                config: { mountPath: "/config" },
+                                tempdir: { mountPath: "/tmp/mediarepo_s3_upload" },
+                            },
+                        },
+                    },
+                },
+            },
+        },
+    },
+
+    svc: app.ns.Contain(kube.Service("media-repo")) {
+        target_pod:: app.deployment.spec.template,
+    },
+}