Gitiles
Code Review Sign In
gerrit.hackerspace.pl / hscloud / f5844311ebcbc539fe919a2020d1237857b852f0^! / . / app / matrix / lib / matrix.libsonnet
commitf5844311ebcbc539fe919a2020d1237857b852f0[log] [tgz]
authorRadek Pietruszewski <radex@hackerspace.pl>Fri Oct 27 22:41:18 2023 +0200
committerradex <radex@hackerspace.pl>Sat Oct 28 17:55:48 2023 +0000
treebfa4586cba06a0e630ee0f2d760960123f32341d
parent56df80cf249168b5ff2056e3bde7a13f1a6c65b2 [diff] [blame]
*/kube: Add kube.SimpleIngress

Change-Id: Iddcac629b9938f228dd93b32e58bb14606d5c6e5
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1745
Reviewed-by: q3k <q3k@hackerspace.pl>

diff --git a/app/matrix/lib/matrix.libsonnet b/app/matrix/lib/matrix.libsonnet
index 1990358..2b95345 100644
--- a/app/matrix/lib/matrix.libsonnet
+++ b/app/matrix/lib/matrix.libsonnet

@@ -28,7 +28,7 @@
 # For appservice-telegram instances, you can use this oneliner magic:
 #    kubectl -n matrix create secret generic appservice-telegram-prod-registration --from-file=registration.yaml=<(kubectl -n matrix logs job/appservice-telegram-prod-bootstrap | grep -A 100 SNIPSNIP | grep -v SNIPSNIP)
 
-local kube = import "../../../kube/kube.libsonnet";
+local kube = import "../../../kube/hscloud.libsonnet";
 local postgres = import "../../../kube/postgres.libsonnet";
 
 {
@@ -393,37 +393,16 @@
     // until it spits you a registration YAML and you feed that to a secret.
     appservices: {},
 
-    ingress: kube.Ingress("matrix") {
-        metadata+: app.metadata("matrix") {
-            annotations+: {
-                "kubernetes.io/tls-acme": "true",
-                "cert-manager.io/cluster-issuer": "letsencrypt-prod",
-                "nginx.ingress.kubernetes.io/proxy-body-size": "0",
-            },
-        },
-        spec+: {
-            tls: [
-                {
-                    hosts: [cfg.webDomain],
-                    secretName: "synapse-tls",
-                },
-            ],
-            rules: [
-                {
-                    host: cfg.webDomain,
-                    http: {
-                        paths: [
-                            { path: "/", backend: app.riotSvc.name_port },
-                            { path: "/_matrix", backend: app.synapseSvc.name_port },
-                        ] + (if cfg.cas.enable then [
-                            { path: "/_cas", backend: app.casSvc.name_port },
-                        ] else []) + (if cfg.wellKnown then [
-                            { path: "/.well-known/matrix", backend: app.wellKnown.svc.name_port },
-                        ] else [])
-                    },
-                }
-            ],
-        },
+    ingress: kube.SimpleIngress("matrix") {
+        hosts:: [cfg.webDomain],
+        target_service:: app.riotSvc,
+        metadata+: app.metadata("matrix"),
+        extra_paths:: [
+            { path: "/_matrix", backend: app.synapseSvc.name_port },
+        ] + (if cfg.cas.enable then [
+            { path: "/_cas", backend: app.casSvc.name_port },
+        ] else []) + (if cfg.wellKnown then [
+            { path: "/.well-known/matrix", backend: app.wellKnown.svc.name_port },
+        ] else [])
     },
-
 }