blob: 23273f9c35e42bd7d498bcc1dfbd922f37986c62 [file] [log] [blame]
local kube = import "../../../kube/kube.libsonnet";
{
local app = self,
local cfg = app.cfg,
cfg:: {
# webDomain is the domain name at which element will run
webDomain: error "cfg.webDomain must be set",
# serverName is the server part of the MXID this homeserver will cover
serverName: error "cfg.serverName must be set",
image: error "cfg.image must be set",
},
ns:: error "ns needs to be a kube.Namespace object",
config:: {
"default_hs_url": "https://%s" % [cfg.webDomain],
"disable_custom_urls": false,
"disable_guests": false,
"disable_login_language_selector": false,
"disable_3pid_login": true,
"brand": "Riot",
"integrations_ui_url": "https://scalar.vector.im/",
"integrations_rest_url": "https://scalar.vector.im/api",
"integrations_jitsi_widget_url": "https://scalar.vector.im/api/widgets/jitsi.html",
"bug_report_endpoint_url": "https://riot.im/bugreports/submit",
"features": {
"feature_groups": "labs",
"feature_pinning": "labs",
"feature_reactions": "labs"
},
"default_federate": true,
"default_theme": "light",
"roomDirectory": {
"servers": [
cfg.serverName,
]
},
"welcomeUserId": "@riot-bot:matrix.org",
"enable_presence_by_hs_url": {
"https://matrix.org": false
}
},
configMap: app.ns.Contain(kube.ConfigMap("riot-web-config")) {
data: {
"config.json": std.manifestJsonEx(app.config, ""),
// Standard nginx.conf, made to work when running as unprivileged user.
"nginx.conf": importstr "riot/nginx.conf",
},
},
deployment: app.ns.Contain(kube.Deployment("riot-web")) {
spec+: {
replicas: 1,
template+: {
spec+: {
volumes_: {
config: kube.ConfigMapVolume(app.configMap),
},
containers_: {
web: kube.Container("riot-web") {
image: cfg.image,
ports_: {
http: { containerPort: 8080 },
},
volumeMounts: [
{
name: "config",
mountPath: "/app/config.json",
subPath: "config.json",
},
{
name: "config",
mountPath: "/etc/nginx/nginx.conf",
subPath: "nginx.conf",
},
],
},
},
securityContext: {
// nginx:nginx
runAsUser: 101,
runAsGroup: 101,
},
},
},
},
},
svc: app.ns.Contain(kube.Service("riot-web")) {
target:: app.deployment,
},
}