| local matrix = import "lib/matrix.libsonnet"; |
| local irc = import "lib/appservice-irc.libsonnet"; |
| local telegram = import "lib/appservice-telegram.libsonnet"; |
| |
| matrix { |
| local app = self, |
| local cfg = app.cfg, |
| cfg+:: { |
| namespace: "matrix", |
| webDomain: "matrix.hackerspace.pl", |
| serverName: "hackerspace.pl", |
| cas: { |
| enable: true, |
| oauth2: { |
| clientID: "matrix", |
| clientSecret: { secretKeyRef: { name: "oauth2-cas-proxy", key: "oauth2_secret" } }, |
| scope: "profile:read", |
| authorizeURL: "https://sso.hackerspace.pl/oauth/authorize", |
| tokenURL: "https://sso.hackerspace.pl/oauth/token", |
| userinfoURL: "https://sso.hackerspace.pl/api/1/profile", |
| }, |
| }, |
| }, |
| |
| appservices: { |
| "irc-freenode": irc.AppServiceIrc("freenode") { |
| cfg+: { |
| image: cfg.images.appserviceIRC, |
| storageClassName: "waw-hdd-redundant-3", |
| metadata: app.metadata("appservice-irc-freenode"), |
| // TODO(q3k): add labels to blessed nodes |
| nodeSelector: { |
| "kubernetes.io/hostname": "bc01n03.hswaw.net", |
| }, |
| config+: { |
| homeserver+: { |
| url: "https://%s" % [cfg.webDomain], |
| domain: "%s" % [cfg.serverName], |
| }, |
| ircService+: { |
| servers+: { |
| "irc.freenode.net"+: { |
| ircClients+: { |
| maxClients: 150, |
| }, |
| }, |
| }, |
| }, |
| }, |
| }, |
| }, |
| "telegram-prod": telegram.AppServiceTelegram("prod") { |
| cfg+: { |
| image: cfg.images.appserviceTelegram, |
| storageClassName: cfg.storageClassName, |
| metadata: app.metadata("appservice-telegram-prod"), |
| |
| config+: { |
| homeserver+: { |
| address: "https://%s" % [cfg.webDomain], |
| domain: cfg.serverName, |
| }, |
| appservice+: { |
| id: "telegram", |
| }, |
| telegram+: { |
| api_id: (std.split(importstr "secrets/plain/appservice-telegram-prod-api-id", "\n"))[0], |
| api_hash: (std.split(importstr "secrets/plain/appservice-telegram-prod-api-hash", "\n"))[0], |
| bot_token: (std.split(importstr "secrets/plain/appservice-telegram-prod-token", "\n"))[0], |
| }, |
| bridge+: { |
| permissions+: { |
| "hackerspace.pl": "puppeting", |
| "@q3k:hackerspace.pl": "admin", |
| }, |
| }, |
| }, |
| }, |
| }, |
| }, |
| } |