Gitiles
Code Review Sign In
gerrit.hackerspace.pl / hscloud / 6be8b2e301ad6c1a7379e36f761bd72e8bc72ebc / . / app / matrix / matrix.hackerspace.pl.jsonnet
blob: 1478401bb54521f5cc7958d74167dbd71cd0dd48 [file] [log] [blame]
Piotr Dobrowolskibabcb802021-01-31 18:57:21 +0100[diff] [blame]1local matrix = import "lib/matrix-ng.libsonnet";
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]2local irc = import "lib/appservice-irc.libsonnet";
3local telegram = import "lib/appservice-telegram.libsonnet";
4
5matrix {
6 local app = self,
7 local cfg = app.cfg,
8 cfg+:: {
9 namespace: "matrix",
10 webDomain: "matrix.hackerspace.pl",
11 serverName: "hackerspace.pl",
Piotr Dobrowolskibabcb802021-01-31 18:57:21 +0100[diff] [blame]12 oidc+: {
Serge Bazanskiace32c02020-11-03 22:04:06 +0100[diff] [blame]13 enable: true,
Piotr Dobrowolskibabcb802021-01-31 18:57:21 +0100[diff] [blame]14 config+: {
15 allow_existing_users: true,
16 issuer: "https://sso.hackerspace.pl",
17 client_id: "matrix",
18 client_secret: { secretKeyRef: { name: "oauth2-cas-proxy", key: "oauth2_secret" } },
19 user_profile_method: "userinfo_endpoint",
20 client_auth_method: "client_secret_post",
Serge Bazanski8483d372020-11-10 22:07:30 +0100[diff] [blame]21 },
Serge Bazanskiace32c02020-11-03 22:04:06 +0100[diff] [blame]22 },
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]23 },
24
Piotr Dobrowolski95da3d52021-02-06 11:55:34 +0100[diff] [blame]25 riot+: {
26 config+: {
27 showLabsSettings: true,
28 },
29 },
30
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]31 appservices: {
32 "irc-freenode": irc.AppServiceIrc("freenode") {
33 cfg+: {
Serge Bazanskiace32c02020-11-03 22:04:06 +0100[diff] [blame]34 image: cfg.images.appserviceIRC,
Serge Bazanski61f978a2021-01-22 16:26:07 +0100[diff] [blame]35 storageClassName: "waw-hdd-redundant-3",
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]36 metadata: app.metadata("appservice-irc-freenode"),
37 // TODO(q3k): add labels to blessed nodes
38 nodeSelector: {
Piotr Dobrowolski356dd6d2021-01-31 18:09:49 +0100[diff] [blame]39 "kubernetes.io/hostname": "bc01n02.hswaw.net",
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]40 },
Serge Bazanskie7f14472021-05-19 16:07:30 +0000[diff] [blame]41 bootstrapJob: false,
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]42 config+: {
43 homeserver+: {
44 url: "https://%s" % [cfg.webDomain],
45 domain: "%s" % [cfg.serverName],
46 },
47 ircService+: {
Serge Bazanski6be8b2e2021-05-19 16:32:20 +0000[diff] [blame^]48 permissions: {
49 "@q3k:hackerspace.pl": "admin",
50 "@informatic:hackerspace.pl": "admin",
51 },
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]52 servers+: {
53 "irc.freenode.net"+: {
54 ircClients+: {
55 maxClients: 150,
56 },
57 },
58 },
59 },
60 },
Piotr Dobrowolski37fbff72021-02-13 20:17:33 +0100[diff] [blame]61 passwordEncryptionKeySecret: "appservice-irc-password-encryption-key",
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]62 },
63 },
64 "telegram-prod": telegram.AppServiceTelegram("prod") {
65 cfg+: {
Serge Bazanskiace32c02020-11-03 22:04:06 +0100[diff] [blame]66 image: cfg.images.appserviceTelegram,
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]67 storageClassName: cfg.storageClassName,
68 metadata: app.metadata("appservice-telegram-prod"),
Serge Bazanskie7f14472021-05-19 16:07:30 +0000[diff] [blame]69 bootstrapJob: false,
Serge Bazanski60076c72020-11-03 19:17:25 +0100[diff] [blame]70
71 config+: {
72 homeserver+: {
73 address: "https://%s" % [cfg.webDomain],
74 domain: cfg.serverName,
75 },
76 appservice+: {
77 id: "telegram",
78 },
79 telegram+: {
80 api_id: (std.split(importstr "secrets/plain/appservice-telegram-prod-api-id", "\n"))[0],
81 api_hash: (std.split(importstr "secrets/plain/appservice-telegram-prod-api-hash", "\n"))[0],
82 bot_token: (std.split(importstr "secrets/plain/appservice-telegram-prod-token", "\n"))[0],
83 },
84 bridge+: {
85 permissions+: {
86 "hackerspace.pl": "puppeting",
87 "@q3k:hackerspace.pl": "admin",
88 },
89 },
90 },
91 },
92 },
93 },
94}