app/matrix/matrix.hackerspace.pl.jsonnet - hscloud - Gitiles

 local matrix = import "lib/matrix.libsonnet";
 local irc = import "lib/appservice-irc.libsonnet";
 local telegram = import "lib/appservice-telegram.libsonnet";

 matrix {
     local app = self,
     local cfg = app.cfg,
     cfg+:: {
         namespace: "matrix",
         webDomain: "matrix.hackerspace.pl",
         serverName: "hackerspace.pl",
         cas: {
             enable: true,
             oauth2: {
                 clientID: "matrix",
                 clientSecret: { secretKeyRef: { name: "oauth2-cas-proxy", key: "oauth2_secret" } },
                 scope: "profile:read",
                 authorizeURL: "https://sso.hackerspace.pl/oauth/authorize",
                 tokenURL: "https://sso.hackerspace.pl/oauth/token",
                 userinfoURL: "https://sso.hackerspace.pl/api/1/profile",
             },
         },
     },

     appservices: {
         "irc-freenode": irc.AppServiceIrc("freenode") {
             cfg+: {
                 image: cfg.images.appserviceIRC,
                 storageClassName: "waw-hdd-redundant-3",
                 metadata: app.metadata("appservice-irc-freenode"),
                 // TODO(q3k): add labels to blessed nodes
                 nodeSelector: {
                     "kubernetes.io/hostname": "bc01n03.hswaw.net",
                 },
                 config+: {
                     homeserver+: {
                         url: "https://%s" % [cfg.webDomain],
                         domain: "%s" % [cfg.serverName],
                     },
                     ircService+: {
                         servers+: {
                             "irc.freenode.net"+: {
                                 ircClients+: {
                                     maxClients: 150,
                                 },
                             },
                         },
                     },
                 },
             },
         },
         "telegram-prod": telegram.AppServiceTelegram("prod") {
             cfg+: {
                 image: cfg.images.appserviceTelegram,
                 storageClassName: cfg.storageClassName,
                 metadata: app.metadata("appservice-telegram-prod"),

                 config+: {
                     homeserver+: {
                         address: "https://%s" % [cfg.webDomain],
                         domain: cfg.serverName,
                     },
                     appservice+: {
                         id: "telegram",
                     },
                     telegram+: {
                         api_id: (std.split(importstr "secrets/plain/appservice-telegram-prod-api-id", "\n"))[0],
                         api_hash: (std.split(importstr "secrets/plain/appservice-telegram-prod-api-hash", "\n"))[0],
                         bot_token: (std.split(importstr "secrets/plain/appservice-telegram-prod-token", "\n"))[0],
                     },
                     bridge+: {
                         permissions+: {
                             "hackerspace.pl": "puppeting",
                             "@q3k:hackerspace.pl": "admin",
                         },
                     },
                 },
             },
         },
     },
 }
	local matrix = import "lib/matrix.libsonnet";
	local irc = import "lib/appservice-irc.libsonnet";
	local telegram = import "lib/appservice-telegram.libsonnet";

	matrix {
	local app = self,
	local cfg = app.cfg,
	cfg+:: {
	namespace: "matrix",
	webDomain: "matrix.hackerspace.pl",
	serverName: "hackerspace.pl",
	cas: {
	enable: true,
	oauth2: {
	clientID: "matrix",
	clientSecret: { secretKeyRef: { name: "oauth2-cas-proxy", key: "oauth2_secret" } },
	scope: "profile:read",
	authorizeURL: "https://sso.hackerspace.pl/oauth/authorize",
	tokenURL: "https://sso.hackerspace.pl/oauth/token",
	userinfoURL: "https://sso.hackerspace.pl/api/1/profile",
	},
	},
	},

	appservices: {
	"irc-freenode": irc.AppServiceIrc("freenode") {
	cfg+: {
	image: cfg.images.appserviceIRC,
	storageClassName: "waw-hdd-redundant-3",
	metadata: app.metadata("appservice-irc-freenode"),
	// TODO(q3k): add labels to blessed nodes
	nodeSelector: {
	"kubernetes.io/hostname": "bc01n03.hswaw.net",
	},
	config+: {
	homeserver+: {
	url: "https://%s" % [cfg.webDomain],
	domain: "%s" % [cfg.serverName],
	},
	ircService+: {
	servers+: {
	"irc.freenode.net"+: {
	ircClients+: {
	maxClients: 150,
	},
	},
	},
	},
	},
	},
	},
	"telegram-prod": telegram.AppServiceTelegram("prod") {
	cfg+: {
	image: cfg.images.appserviceTelegram,
	storageClassName: cfg.storageClassName,
	metadata: app.metadata("appservice-telegram-prod"),

	config+: {
	homeserver+: {
	address: "https://%s" % [cfg.webDomain],
	domain: cfg.serverName,
	},
	appservice+: {
	id: "telegram",
	},
	telegram+: {
	api_id: (std.split(importstr "secrets/plain/appservice-telegram-prod-api-id", "\n"))[0],
	api_hash: (std.split(importstr "secrets/plain/appservice-telegram-prod-api-hash", "\n"))[0],
	bot_token: (std.split(importstr "secrets/plain/appservice-telegram-prod-token", "\n"))[0],
	},
	bridge+: {
	permissions+: {
	"hackerspace.pl": "puppeting",
	"@q3k:hackerspace.pl": "admin",
	},
	},
	},
	},
	},
	},
	}