Piotr Dobrowolski | b67ae48 | 2021-01-31 10:35:38 +0100 | [diff] [blame] | 1 | local kube = import "../../../kube/kube.libsonnet"; |
| 2 | |
| 3 | { |
| 4 | local app = self, |
| 5 | local cfg = app.cfg, |
| 6 | cfg:: { |
| 7 | # webDomain is the domain name at which element will run |
| 8 | webDomain: error "cfg.webDomain must be set", |
| 9 | # serverName is the server part of the MXID this homeserver will cover |
| 10 | serverName: error "cfg.serverName must be set", |
| 11 | image: error "cfg.image must be set", |
| 12 | }, |
| 13 | |
| 14 | ns:: error "ns needs to be a kube.Namespace object", |
| 15 | |
| 16 | config:: { |
| 17 | "default_hs_url": "https://%s" % [cfg.webDomain], |
| 18 | "disable_custom_urls": false, |
| 19 | "disable_guests": false, |
| 20 | "disable_login_language_selector": false, |
| 21 | "disable_3pid_login": true, |
| 22 | "brand": "Riot", |
| 23 | "integrations_ui_url": "https://scalar.vector.im/", |
| 24 | "integrations_rest_url": "https://scalar.vector.im/api", |
| 25 | "integrations_jitsi_widget_url": "https://scalar.vector.im/api/widgets/jitsi.html", |
| 26 | |
| 27 | "bug_report_endpoint_url": "https://riot.im/bugreports/submit", |
| 28 | "features": { |
| 29 | "feature_groups": "labs", |
| 30 | "feature_pinning": "labs", |
| 31 | "feature_reactions": "labs" |
| 32 | }, |
| 33 | "default_federate": true, |
| 34 | "default_theme": "light", |
| 35 | "roomDirectory": { |
| 36 | "servers": [ |
| 37 | cfg.serverName, |
| 38 | ] |
| 39 | }, |
| 40 | "welcomeUserId": "@riot-bot:matrix.org", |
| 41 | "enable_presence_by_hs_url": { |
| 42 | "https://matrix.org": false |
| 43 | } |
| 44 | }, |
| 45 | |
| 46 | configMap: app.ns.Contain(kube.ConfigMap("riot-web-config")) { |
| 47 | data: { |
| 48 | "config.json": std.manifestJsonEx(app.config, ""), |
| 49 | // Standard nginx.conf, made to work when running as unprivileged user. |
| 50 | "nginx.conf": importstr "riot/nginx.conf", |
| 51 | }, |
| 52 | }, |
| 53 | |
| 54 | deployment: app.ns.Contain(kube.Deployment("riot-web")) { |
| 55 | spec+: { |
| 56 | replicas: 1, |
| 57 | template+: { |
| 58 | spec+: { |
| 59 | volumes_: { |
| 60 | config: kube.ConfigMapVolume(app.configMap), |
| 61 | }, |
| 62 | containers_: { |
| 63 | web: kube.Container("riot-web") { |
| 64 | image: cfg.image, |
| 65 | ports_: { |
| 66 | http: { containerPort: 8080 }, |
| 67 | }, |
| 68 | volumeMounts: [ |
| 69 | { |
| 70 | name: "config", |
| 71 | mountPath: "/app/config.json", |
| 72 | subPath: "config.json", |
| 73 | }, |
| 74 | { |
| 75 | name: "config", |
| 76 | mountPath: "/etc/nginx/nginx.conf", |
| 77 | subPath: "nginx.conf", |
| 78 | }, |
| 79 | ], |
| 80 | }, |
| 81 | }, |
| 82 | securityContext: { |
| 83 | // nginx:nginx |
| 84 | runAsUser: 101, |
| 85 | runAsGroup: 101, |
| 86 | }, |
| 87 | }, |
| 88 | }, |
| 89 | }, |
| 90 | }, |
| 91 | |
| 92 | svc: app.ns.Contain(kube.Service("riot-web")) { |
| 93 | target_pod:: app.deployment.spec.template, |
| 94 | }, |
| 95 | } |