apps/matrix/install.yaml - pcloud - Gitiles

 # TODO(giolekva): cleanup volumes
 ---
 apiVersion: v1
 kind: Namespace
 metadata:
   name: app-matrix
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
   creationTimestamp: null
   name: CreateConfigMaps
   namespace: app-matrix
 rules:
 - apiGroups:
   - ""
   resources:
   - configmaps
   verbs:
   - create
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
   creationTimestamp: null
   name: default-CreateConfigMaps
   namespace: app-matrix
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
   name: CreateConfigMaps
 subjects:
 - kind: ServiceAccount
   name: default
   namespace: app-matrix
 ---
 apiVersion: v1
 kind: Service
 metadata:
   name: matrix
   namespace: app-matrix
 spec:
   type: ClusterIP
   selector:
     app: matrix
   ports:
   - name: http
     port: 80
     targetPort: http
     protocol: TCP
 ---
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   name: ingress
   namespace: app-matrix
   annotations:
     cert-manager.io/cluster-issuer: "letsencrypt-prod"
     acme.cert-manager.io/http01-edit-in-place: "true"
 spec:
   ingressClassName: nginx
   tls:
   - hosts:
     - matrix.lekva.me
     secretName: cert-matrix.lekva.me
   rules:
   - host: matrix.lekva.me
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
             name: matrix
             port:
               name: http
 ---
 apiVersion: batch/v1
 kind: Job
 metadata:
   name: generate-config
   namespace: app-matrix
 spec:
   template:
     metadata:
       labels:
         app: generate-config
     spec:
       restartPolicy: OnFailure
       volumes:
       - name: data
         persistentVolumeClaim:
           claimName: matrix-data
       - name: config
         persistentVolumeClaim:
           claimName: matrix-config
       - name: homeserver-config
         persistentVolumeClaim:
           claimName: matrix-homeserver-config
       initContainers:
       - name: matrix
         image: matrixdotorg/synapse:v1.43.0
         imagePullPolicy: IfNotPresent
         ports:
         - name: http
           containerPort: 8008
           protocol: TCP
         env:
         - name: SYNAPSE_SERVER_NAME
           value: "lekva.me"
         - name: SYNAPSE_REPORT_STATS
           value: "no"
         - name: SYNAPSE_CONFIG_DIR
           value: "/data"
         - name: SYNAPSE_CONFIG_PATH
           value: "/data/homeserver.yaml"
         - name: SYNAPSE_DATA_DIR
           value: "/data"
         command: ["/start.py"]
         args: ["generate"]
         volumeMounts:
         - name: data
           mountPath: /data
         # - name: config
         #   mountPath: /matrix-config
         - name: homeserver-config
           mountPath: /homeserver-config
       containers:
       - name: capture-config
         image: giolekva/capture-config:latest
         imagePullPolicy: Always
         command: ["capture-config"]
         args: ["--config=/data/homeserver.yaml", "--namespace=app-matrix", "--config-map-name=config"]
         volumeMounts:
         - name: data
           mountPath: /data
         # - name: config
         #   mountPath: /matrix-config
         - name: homeserver-config
           mountPath: /homeserver-config
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: matrix
   namespace: app-matrix
 spec:
   selector:
     matchLabels:
       app: matrix
   replicas: 1
   template:
     metadata:
       labels:
         app: matrix
     spec:
       volumes:
       - name: data
         persistentVolumeClaim:
           claimName: matrix-data
       - name: config
         persistentVolumeClaim:
           claimName: matrix-config
       - name: homeserver-config
         configMap:
           name: config
       containers:
       - name: matrix
         image: matrixdotorg/synapse:v1.43.0
         imagePullPolicy: IfNotPresent
         ports:
         - name: http
           containerPort: 8008
           protocol: TCP
         env:
         - name: SYNAPSE_SERVER_NAME
           value: "lekva.me"
         - name: SYNAPSE_REPORT_STATS
           value: "no"
         - name: SYNAPSE_CONFIG_DIR
           value: "/data"
         - name: SYNAPSE_CONFIG_PATH
           value: "/homeserver-config/homeserver.yaml"
         - name: SYNAPSE_DATA_DIR
           value: "/data"
         command: ["/start.py"]
         volumeMounts:
         - name: data
           mountPath: /data
         # - name: config
         #   mountPath: /matrix-config
         - name: homeserver-config
           mountPath: /homeserver-config
           readOnly: true
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: matrix-data
   namespace: app-matrix
 spec:
   accessModes:
     - ReadWriteOnce
   resources:
     requests:
       storage: 10Gi
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: matrix-config
   namespace: app-matrix
 spec:
   accessModes:
     - ReadWriteOnce
   resources:
     requests:
       storage: 10Gi
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: matrix-homeserver-config
   namespace: app-matrix
 spec:
   accessModes:
     - ReadWriteOnce
   resources:
     requests:
       storage: 10Gi
	# TODO(giolekva): cleanup volumes
	---
	apiVersion: v1
	kind: Namespace
	metadata:
	name: app-matrix
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: Role
	metadata:
	creationTimestamp: null
	name: CreateConfigMaps
	namespace: app-matrix
	rules:
	- apiGroups:
	- ""
	resources:
	- configmaps
	verbs:
	- create
	---
	apiVersion: rbac.authorization.k8s.io/v1
	kind: RoleBinding
	metadata:
	creationTimestamp: null
	name: default-CreateConfigMaps
	namespace: app-matrix
	roleRef:
	apiGroup: rbac.authorization.k8s.io
	kind: Role
	name: CreateConfigMaps
	subjects:
	- kind: ServiceAccount
	name: default
	namespace: app-matrix
	---
	apiVersion: v1
	kind: Service
	metadata:
	name: matrix
	namespace: app-matrix
	spec:
	type: ClusterIP
	selector:
	app: matrix
	ports:
	- name: http
	port: 80
	targetPort: http
	protocol: TCP
	---
	apiVersion: networking.k8s.io/v1
	kind: Ingress
	metadata:
	name: ingress
	namespace: app-matrix
	annotations:
	cert-manager.io/cluster-issuer: "letsencrypt-prod"
	acme.cert-manager.io/http01-edit-in-place: "true"
	spec:
	ingressClassName: nginx
	tls:
	- hosts:
	- matrix.lekva.me
	secretName: cert-matrix.lekva.me
	rules:
	- host: matrix.lekva.me
	http:
	paths:
	- path: /
	pathType: Prefix
	backend:
	service:
	name: matrix
	port:
	name: http
	---
	apiVersion: batch/v1
	kind: Job
	metadata:
	name: generate-config
	namespace: app-matrix
	spec:
	template:
	metadata:
	labels:
	app: generate-config
	spec:
	restartPolicy: OnFailure
	volumes:
	- name: data
	persistentVolumeClaim:
	claimName: matrix-data
	- name: config
	persistentVolumeClaim:
	claimName: matrix-config
	- name: homeserver-config
	persistentVolumeClaim:
	claimName: matrix-homeserver-config
	initContainers:
	- name: matrix
	image: matrixdotorg/synapse:v1.43.0
	imagePullPolicy: IfNotPresent
	ports:
	- name: http
	containerPort: 8008
	protocol: TCP
	env:
	- name: SYNAPSE_SERVER_NAME
	value: "lekva.me"
	- name: SYNAPSE_REPORT_STATS
	value: "no"
	- name: SYNAPSE_CONFIG_DIR
	value: "/data"
	- name: SYNAPSE_CONFIG_PATH
	value: "/data/homeserver.yaml"
	- name: SYNAPSE_DATA_DIR
	value: "/data"
	command: ["/start.py"]
	args: ["generate"]
	volumeMounts:
	- name: data
	mountPath: /data
	# - name: config
	# mountPath: /matrix-config
	- name: homeserver-config
	mountPath: /homeserver-config
	containers:
	- name: capture-config
	image: giolekva/capture-config:latest
	imagePullPolicy: Always
	command: ["capture-config"]
	args: ["--config=/data/homeserver.yaml", "--namespace=app-matrix", "--config-map-name=config"]
	volumeMounts:
	- name: data
	mountPath: /data
	# - name: config
	# mountPath: /matrix-config
	- name: homeserver-config
	mountPath: /homeserver-config
	---
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: matrix
	namespace: app-matrix
	spec:
	selector:
	matchLabels:
	app: matrix
	replicas: 1
	template:
	metadata:
	labels:
	app: matrix
	spec:
	volumes:
	- name: data
	persistentVolumeClaim:
	claimName: matrix-data
	- name: config
	persistentVolumeClaim:
	claimName: matrix-config
	- name: homeserver-config
	configMap:
	name: config
	containers:
	- name: matrix
	image: matrixdotorg/synapse:v1.43.0
	imagePullPolicy: IfNotPresent
	ports:
	- name: http
	containerPort: 8008
	protocol: TCP
	env:
	- name: SYNAPSE_SERVER_NAME
	value: "lekva.me"
	- name: SYNAPSE_REPORT_STATS
	value: "no"
	- name: SYNAPSE_CONFIG_DIR
	value: "/data"
	- name: SYNAPSE_CONFIG_PATH
	value: "/homeserver-config/homeserver.yaml"
	- name: SYNAPSE_DATA_DIR
	value: "/data"
	command: ["/start.py"]
	volumeMounts:
	- name: data
	mountPath: /data
	# - name: config
	# mountPath: /matrix-config
	- name: homeserver-config
	mountPath: /homeserver-config
	readOnly: true
	---
	apiVersion: v1
	kind: PersistentVolumeClaim
	metadata:
	name: matrix-data
	namespace: app-matrix
	spec:
	accessModes:
	- ReadWriteOnce
	resources:
	requests:
	storage: 10Gi
	---
	apiVersion: v1
	kind: PersistentVolumeClaim
	metadata:
	name: matrix-config
	namespace: app-matrix
	spec:
	accessModes:
	- ReadWriteOnce
	resources:
	requests:
	storage: 10Gi
	---
	apiVersion: v1
	kind: PersistentVolumeClaim
	metadata:
	name: matrix-homeserver-config
	namespace: app-matrix
	spec:
	accessModes:
	- ReadWriteOnce
	resources:
	requests:
	storage: 10Gi