Gitiles
Code Review Sign In
gerrit.hackerspace.pl / hscloud / 37991744d8574a0ad4544e1580592f82da7ceb3e / . / app / matrix / lib / riot.libsonnet
blob: 0aa95741d1e9274c57f910fe21d09bc89414d6df [file] [log] [blame]
Piotr Dobrowolskib67ae482021-01-31 10:35:38 +0100[diff] [blame]1local kube = import "../../../kube/kube.libsonnet";
2
3{
radexc995c212023-11-24 12:01:49 +0100[diff] [blame]4 local top = self,
5 local cfg = top.cfg,
Piotr Dobrowolskib67ae482021-01-31 10:35:38 +0100[diff] [blame]6 cfg:: {
7 # webDomain is the domain name at which element will run
8 webDomain: error "cfg.webDomain must be set",
9 # serverName is the server part of the MXID this homeserver will cover
10 serverName: error "cfg.serverName must be set",
11 image: error "cfg.image must be set",
12 },
13
14 ns:: error "ns needs to be a kube.Namespace object",
radexc995c212023-11-24 12:01:49 +0100[diff] [blame]15 local ns = top.ns,
Piotr Dobrowolskib67ae482021-01-31 10:35:38 +0100[diff] [blame]16
17 config:: {
18 "default_hs_url": "https://%s" % [cfg.webDomain],
19 "disable_custom_urls": false,
20 "disable_guests": false,
21 "disable_login_language_selector": false,
22 "disable_3pid_login": true,
23 "brand": "Riot",
24 "integrations_ui_url": "https://scalar.vector.im/",
25 "integrations_rest_url": "https://scalar.vector.im/api",
26 "integrations_jitsi_widget_url": "https://scalar.vector.im/api/widgets/jitsi.html",
27
28 "bug_report_endpoint_url": "https://riot.im/bugreports/submit",
29 "features": {
30 "feature_groups": "labs",
31 "feature_pinning": "labs",
32 "feature_reactions": "labs"
33 },
34 "default_federate": true,
35 "default_theme": "light",
36 "roomDirectory": {
37 "servers": [
38 cfg.serverName,
39 ]
40 },
41 "welcomeUserId": "@riot-bot:matrix.org",
42 "enable_presence_by_hs_url": {
43 "https://matrix.org": false
44 }
45 },
46
radex99ed6a72023-11-24 11:42:55 +0100[diff] [blame]47 configMap: ns.Contain(kube.ConfigMap("riot-web-config")) {
Piotr Dobrowolskib67ae482021-01-31 10:35:38 +0100[diff] [blame]48 data: {
radexc995c212023-11-24 12:01:49 +0100[diff] [blame]49 "config.json": std.manifestJsonEx(top.config, ""),
Piotr Dobrowolskib67ae482021-01-31 10:35:38 +0100[diff] [blame]50 // Standard nginx.conf, made to work when running as unprivileged user.
51 "nginx.conf": importstr "riot/nginx.conf",
52 },
53 },
54
radex99ed6a72023-11-24 11:42:55 +0100[diff] [blame]55 deployment: ns.Contain(kube.Deployment("riot-web")) {
Piotr Dobrowolskib67ae482021-01-31 10:35:38 +0100[diff] [blame]56 spec+: {
57 replicas: 1,
58 template+: {
59 spec+: {
60 volumes_: {
radexc995c212023-11-24 12:01:49 +0100[diff] [blame]61 config: kube.ConfigMapVolume(top.configMap),
Piotr Dobrowolskib67ae482021-01-31 10:35:38 +0100[diff] [blame]62 },
63 containers_: {
64 web: kube.Container("riot-web") {
65 image: cfg.image,
66 ports_: {
67 http: { containerPort: 8080 },
68 },
69 volumeMounts: [
70 {
71 name: "config",
72 mountPath: "/app/config.json",
73 subPath: "config.json",
74 },
75 {
76 name: "config",
77 mountPath: "/etc/nginx/nginx.conf",
78 subPath: "nginx.conf",
79 },
80 ],
81 },
82 },
83 securityContext: {
84 // nginx:nginx
85 runAsUser: 101,
86 runAsGroup: 101,
87 },
88 },
89 },
90 },
91 },
92
radex99ed6a72023-11-24 11:42:55 +0100[diff] [blame]93 svc: ns.Contain(kube.Service("riot-web")) {
radexc995c212023-11-24 12:01:49 +0100[diff] [blame]94 target:: top.deployment,
Piotr Dobrowolskib67ae482021-01-31 10:35:38 +0100[diff] [blame]95 },
96}