| local kube = import "../../../kube/kube.libsonnet"; |
| |
| { |
| local app = self, |
| local cfg = app.cfg, |
| cfg:: { |
| # webDomain is the domain name at which element will run |
| webDomain: error "cfg.webDomain must be set", |
| # serverName is the server part of the MXID this homeserver will cover |
| serverName: error "cfg.serverName must be set", |
| image: error "cfg.image must be set", |
| }, |
| |
| ns:: error "ns needs to be a kube.Namespace object", |
| |
| config:: { |
| "default_hs_url": "https://%s" % [cfg.webDomain], |
| "disable_custom_urls": false, |
| "disable_guests": false, |
| "disable_login_language_selector": false, |
| "disable_3pid_login": true, |
| "brand": "Riot", |
| "integrations_ui_url": "https://scalar.vector.im/", |
| "integrations_rest_url": "https://scalar.vector.im/api", |
| "integrations_jitsi_widget_url": "https://scalar.vector.im/api/widgets/jitsi.html", |
| |
| "bug_report_endpoint_url": "https://riot.im/bugreports/submit", |
| "features": { |
| "feature_groups": "labs", |
| "feature_pinning": "labs", |
| "feature_reactions": "labs" |
| }, |
| "default_federate": true, |
| "default_theme": "light", |
| "roomDirectory": { |
| "servers": [ |
| cfg.serverName, |
| ] |
| }, |
| "welcomeUserId": "@riot-bot:matrix.org", |
| "enable_presence_by_hs_url": { |
| "https://matrix.org": false |
| } |
| }, |
| |
| configMap: app.ns.Contain(kube.ConfigMap("riot-web-config")) { |
| data: { |
| "config.json": std.manifestJsonEx(app.config, ""), |
| // Standard nginx.conf, made to work when running as unprivileged user. |
| "nginx.conf": importstr "riot/nginx.conf", |
| }, |
| }, |
| |
| deployment: app.ns.Contain(kube.Deployment("riot-web")) { |
| spec+: { |
| replicas: 1, |
| template+: { |
| spec+: { |
| volumes_: { |
| config: kube.ConfigMapVolume(app.configMap), |
| }, |
| containers_: { |
| web: kube.Container("riot-web") { |
| image: cfg.image, |
| ports_: { |
| http: { containerPort: 8080 }, |
| }, |
| volumeMounts: [ |
| { |
| name: "config", |
| mountPath: "/app/config.json", |
| subPath: "config.json", |
| }, |
| { |
| name: "config", |
| mountPath: "/etc/nginx/nginx.conf", |
| subPath: "nginx.conf", |
| }, |
| ], |
| }, |
| }, |
| securityContext: { |
| // nginx:nginx |
| runAsUser: 101, |
| runAsGroup: 101, |
| }, |
| }, |
| }, |
| }, |
| }, |
| |
| svc: app.ns.Contain(kube.Service("riot-web")) { |
| target:: app.deployment, |
| }, |
| } |