charts/matrix/templates/well-known.yaml - pcloud - Gitiles

 ---
 apiVersion: v1
 kind: Service
 metadata:
   name: well-known
   namespace: {{ .Release.Namespace }}
 spec:
   type: ClusterIP
   selector:
     app: well-known
   ports:
   - name: http
     port: 80
     targetPort: http
     protocol: TCP
 ---
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   name: well-known
   namespace: {{ .Release.Namespace }}
   # annotations:
   #   cert-manager.io/cluster-issuer: "{{ .Values.certificateIssuer }}"
   #   acme.cert-manager.io/http01-edit-in-place: "true"
 spec:
   ingressClassName: {{ .Values.ingressClassName }}
   tls:
   - hosts:
     - {{ .Values.domain }}
     secretName: cert-www.{{ .Values.domain }}
   - hosts:
     - www.{{ .Values.domain }}
     secretName: cert-www.{{ .Values.domain }}
   rules:
   - host: {{ .Values.domain }}
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
             name: well-known
             port:
               name: http
   - host: www.{{ .Values.domain }}
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
             name: well-known
             port:
               name: http
 ---
 apiVersion: v1
 kind: ConfigMap
 metadata:
   name: well-known
   namespace: {{ .Release.Namespace }}
 data:
   nginx.conf: |
     # user       www www;
     worker_processes  1;
     error_log   /dev/null   crit;
     # pid        logs/nginx.pid;
     worker_rlimit_nofile 8192;
     events {
         worker_connections  1024;
     }
     http {
         server {
             listen 8080;
             location /.well-known/matrix/client {
                 return 200 '{"m.homeserver": {"base_url": "https://matrix.{{ .Values.domain }}:443"}}';
                 default_type application/json;
                 add_header Access-Control-Allow-Origin *;
             }
             location /.well-known/matrix/server {
                 return 200 '{"m.server": "matrix.{{ .Values.domain }}:443"}';
                 default_type application/json;
                 add_header Access-Control-Allow-Origin *;
             }
         }
     }
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: well-known
   namespace: {{ .Release.Namespace }}
 spec:
   selector:
     matchLabels:
       app: well-known
   replicas: 1
   template:
     metadata:
       labels:
         app: well-known
     spec:
       volumes:
       - name: config
         configMap:
           name: well-known
       containers:
       - name: nginx
         image: nginx:1.21.3-alpine
         imagePullPolicy: IfNotPresent
         ports:
         - name: http
           containerPort: 8080
           protocol: TCP
         volumeMounts:
         - name: config
           mountPath: /etc/nginx
           readOnly: true
         resources:
           requests:
             memory: "10Mi"
             cpu: "10m"
           limits:
             memory: "20Mi"
             cpu: "100m"
       tolerations:
       - key: "pcloud"
         operator: "Equal"
         value: "role"
         effect: "NoSchedule"
	---
	apiVersion: v1
	kind: Service
	metadata:
	name: well-known
	namespace: {{ .Release.Namespace }}
	spec:
	type: ClusterIP
	selector:
	app: well-known
	ports:
	- name: http
	port: 80
	targetPort: http
	protocol: TCP
	---
	apiVersion: networking.k8s.io/v1
	kind: Ingress
	metadata:
	name: well-known
	namespace: {{ .Release.Namespace }}
	# annotations:
	# cert-manager.io/cluster-issuer: "{{ .Values.certificateIssuer }}"
	# acme.cert-manager.io/http01-edit-in-place: "true"
	spec:
	ingressClassName: {{ .Values.ingressClassName }}
	tls:
	- hosts:
	- {{ .Values.domain }}
	secretName: cert-www.{{ .Values.domain }}
	- hosts:
	- www.{{ .Values.domain }}
	secretName: cert-www.{{ .Values.domain }}
	rules:
	- host: {{ .Values.domain }}
	http:
	paths:
	- path: /
	pathType: Prefix
	backend:
	service:
	name: well-known
	port:
	name: http
	- host: www.{{ .Values.domain }}
	http:
	paths:
	- path: /
	pathType: Prefix
	backend:
	service:
	name: well-known
	port:
	name: http
	---
	apiVersion: v1
	kind: ConfigMap
	metadata:
	name: well-known
	namespace: {{ .Release.Namespace }}
	data:
	nginx.conf: \|
	# user www www;
	worker_processes 1;
	error_log /dev/null crit;
	# pid logs/nginx.pid;
	worker_rlimit_nofile 8192;
	events {
	worker_connections 1024;
	}
	http {
	server {
	listen 8080;
	location /.well-known/matrix/client {
	return 200 '{"m.homeserver": {"base_url": "https://matrix.{{ .Values.domain }}:443"}}';
	default_type application/json;
	add_header Access-Control-Allow-Origin *;
	}
	location /.well-known/matrix/server {
	return 200 '{"m.server": "matrix.{{ .Values.domain }}:443"}';
	default_type application/json;
	add_header Access-Control-Allow-Origin *;
	}
	}
	}
	---
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: well-known
	namespace: {{ .Release.Namespace }}
	spec:
	selector:
	matchLabels:
	app: well-known
	replicas: 1
	template:
	metadata:
	labels:
	app: well-known
	spec:
	volumes:
	- name: config
	configMap:
	name: well-known
	containers:
	- name: nginx
	image: nginx:1.21.3-alpine
	imagePullPolicy: IfNotPresent
	ports:
	- name: http
	containerPort: 8080
	protocol: TCP
	volumeMounts:
	- name: config
	mountPath: /etc/nginx
	readOnly: true
	resources:
	requests:
	memory: "10Mi"
	cpu: "10m"
	limits:
	memory: "20Mi"
	cpu: "100m"
	tolerations:
	- key: "pcloud"
	operator: "Equal"
	value: "role"
	effect: "NoSchedule"