Gitiles
Code Review Sign In
gerrit.hackerspace.pl / hscloud / 50e987cb683ba9ce46dc9a9ab2b32ca970da806e / . / app / matrix / matrix.hackerspace.pl.jsonnet
blob: 2e769b3a11e1e90e1081d92b607ee9aad8471433 [file] [log] [blame]
Piotr Dobrowolskibabcb802021-01-31 18:57:21 +0100[diff] [blame]1local matrix = import "lib/matrix-ng.libsonnet";
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]2local irc = import "lib/appservice-irc.libsonnet";
3local telegram = import "lib/appservice-telegram.libsonnet";
4
5matrix {
6 local app = self,
7 local cfg = app.cfg,
8 cfg+:: {
9 namespace: "matrix",
10 webDomain: "matrix.hackerspace.pl",
11 serverName: "hackerspace.pl",
Piotr Dobrowolskibabcb802021-01-31 18:57:21 +0100[diff] [blame]12 oidc+: {
Serge Bazanskiace32c02020-11-03 22:04:06 +0100[diff] [blame]13 enable: true,
Piotr Dobrowolskibabcb802021-01-31 18:57:21 +0100[diff] [blame]14 config+: {
15 allow_existing_users: true,
16 issuer: "https://sso.hackerspace.pl",
17 client_id: "matrix",
18 client_secret: { secretKeyRef: { name: "oauth2-cas-proxy", key: "oauth2_secret" } },
19 user_profile_method: "userinfo_endpoint",
20 client_auth_method: "client_secret_post",
Serge Bazanski8483d372020-11-10 22:07:30 +0100[diff] [blame]21 },
Serge Bazanskiace32c02020-11-03 22:04:06 +0100[diff] [blame]22 },
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]23 },
24
Piotr Dobrowolski95da3d52021-02-06 11:55:34 +0100[diff] [blame]25 riot+: {
26 config+: {
27 showLabsSettings: true,
28 },
29 },
30
Serge Bazanskied421912021-06-30 12:16:01 +0000[diff] [blame]31 // Bump up storage to 200Gi from default 100Gi, use different name. The
32 // new name corresponds to a manually migrated and sized-up PVC that
33 // contains data from the original waw3-postgres PVC.
34 postgres3+: {
35 volumeClaim+: {
36 metadata+: {
37 name: "waw3-postgres-2",
38 },
39 spec+: {
40 resources+: {
41 requests+: {
42 storage: "200Gi",
43 },
44 },
45 },
46 },
47 },
48
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]49 appservices: {
50 "irc-freenode": irc.AppServiceIrc("freenode") {
51 cfg+: {
Serge Bazanskiace32c02020-11-03 22:04:06 +0100[diff] [blame]52 image: cfg.images.appserviceIRC,
Serge Bazanski61f978a2021-01-22 16:26:07 +0100[diff] [blame]53 storageClassName: "waw-hdd-redundant-3",
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]54 metadata: app.metadata("appservice-irc-freenode"),
55 // TODO(q3k): add labels to blessed nodes
56 nodeSelector: {
Piotr Dobrowolski356dd6d2021-01-31 18:09:49 +0100[diff] [blame]57 "kubernetes.io/hostname": "bc01n02.hswaw.net",
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]58 },
Serge Bazanskie7f14472021-05-19 16:07:30 +0000[diff] [blame]59 bootstrapJob: false,
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]60 config+: {
61 homeserver+: {
62 url: "https://%s" % [cfg.webDomain],
63 domain: "%s" % [cfg.serverName],
64 },
65 ircService+: {
Serge Bazanski6be8b2e2021-05-19 16:32:20 +0000[diff] [blame]66 permissions: {
67 "@q3k:hackerspace.pl": "admin",
68 "@informatic:hackerspace.pl": "admin",
69 },
Serge Bazanskib387f572021-05-24 13:53:18 +0200[diff] [blame]70 ident: {
71 enabled: true,
72 port: 1113,
73 },
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]74 servers+: {
Serge Bazanski77112242021-05-26 19:42:47 +0000[diff] [blame]75 local servers = self,
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]76 "irc.freenode.net"+: {
Serge Bazanski1431d1d2021-06-06 12:50:37 +0000[diff] [blame]77 mappings+: {},
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]78 ircClients+: {
79 maxClients: 150,
80 },
81 },
Serge Bazanski77112242021-05-26 19:42:47 +0000[diff] [blame]82 "irc.libera.chat": servers["irc.freenode.net"] {
Serge Bazanski1431d1d2021-06-06 12:50:37 +0000[diff] [blame]83 mappings+: import "secrets/plain/appservice-irc-libera-mappings.jsonnet",
Serge Bazanski77112242021-05-26 19:42:47 +0000[diff] [blame]84 ircClients+: {
Serge Bazanski1431d1d2021-06-06 12:50:37 +0000[diff] [blame]85 maxClients: 150,
Serge Bazanski77112242021-05-26 19:42:47 +0000[diff] [blame]86 },
87 name: "Libera Chat",
88 networkId: "libera",
89 dynamicChannels+: {
90 groupId: "+libera:hackerspace.pl",
91 aliasTemplate: "#libera_$CHANNEL",
92 },
93 matrixClients+: {
94 userTemplate:"@libera_$NICK",
95 },
96 },
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]97 },
98 },
99 },
Piotr Dobrowolski37fbff72021-02-13 20:17:33 +0100[diff] [blame]100 passwordEncryptionKeySecret: "appservice-irc-password-encryption-key",
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]101 },
102 },
103 "telegram-prod": telegram.AppServiceTelegram("prod") {
104 cfg+: {
Serge Bazanskiace32c02020-11-03 22:04:06 +0100[diff] [blame]105 image: cfg.images.appserviceTelegram,
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]106 storageClassName: cfg.storageClassName,
107 metadata: app.metadata("appservice-telegram-prod"),
Serge Bazanskie7f14472021-05-19 16:07:30 +0000[diff] [blame]108 bootstrapJob: false,
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]109
110 config+: {
111 homeserver+: {
112 address: "https://%s" % [cfg.webDomain],
113 domain: cfg.serverName,
114 },
115 appservice+: {
116 id: "telegram",
117 },
118 telegram+: {
119 api_id: (std.split(importstr "secrets/plain/appservice-telegram-prod-api-id", "\n"))[0],
120 api_hash: (std.split(importstr "secrets/plain/appservice-telegram-prod-api-hash", "\n"))[0],
121 bot_token: (std.split(importstr "secrets/plain/appservice-telegram-prod-token", "\n"))[0],
122 },
123 bridge+: {
124 permissions+: {
125 "hackerspace.pl": "puppeting",
126 "@q3k:hackerspace.pl": "admin",
127 },
128 },
129 },
130 },
131 },
132 },
133}