Installer: introduce namespacePrefix, fix certificates, split matrix installation using pre-install hook
diff --git a/charts/matrix/templates/config-to-merge.yaml b/charts/matrix/templates/config-to-merge.yaml
index ba18144..f74f0c0 100644
--- a/charts/matrix/templates/config-to-merge.yaml
+++ b/charts/matrix/templates/config-to-merge.yaml
@@ -6,6 +6,9 @@
metadata:
name: {{ .Values.oauth2.secretName }}
namespace: {{ .Release.Namespace }}
+ annotations:
+ helm.sh/hook: pre-install
+ helm.sh/hook-weight: "-10"
data:
client_id: {{ .Values.oauth2.clientId | b64enc }}
client_secret: {{ $secret | b64enc }}
@@ -15,6 +18,9 @@
metadata:
name: {{ .Values.configMerge.configName }}
namespace: {{ .Release.Namespace }}
+ annotations:
+ helm.sh/hook: pre-install
+ helm.sh/hook-weight: "-10"
data:
{{ .Values.configMerge.fileName }}: |
public_baseurl: https://matrix.{{ .Values.domain }}/
diff --git a/charts/matrix/templates/matrix.yaml b/charts/matrix/templates/matrix.yaml
index d9bd47f..e03223f 100644
--- a/charts/matrix/templates/matrix.yaml
+++ b/charts/matrix/templates/matrix.yaml
@@ -4,6 +4,9 @@
metadata:
name: CreateConfigMaps
namespace: {{ .Release.Namespace }}
+ annotations:
+ helm.sh/hook: pre-install
+ helm.sh/hook-weight: "-10"
rules:
- apiGroups:
- ""
@@ -18,6 +21,9 @@
metadata:
name: default-CreateConfigMaps
namespace: {{ .Release.Namespace }}
+ annotations:
+ helm.sh/hook: pre-install
+ helm.sh/hook-weight: "-10"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
@@ -42,21 +48,32 @@
targetPort: http
protocol: TCP
---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+ name: matrix.{{ .Values.domain }}
+ namespace: {{ .Release.Namespace }}
+ annotations:
+ helm.sh/resource-policy: keep
+spec:
+ dnsNames:
+ - 'matrix.{{ .Values.domain }}'
+ issuerRef:
+ name: {{ .Values.certificateIssuer }}
+ kind: ClusterIssuer
+ secretName: cert-matrix.{{ .Values.domain }}
+---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress
namespace: {{ .Release.Namespace }}
- annotations:
- cert-manager.io/cluster-issuer: {{ .Values.certificateIssuer }}
- acme.cert-manager.io/http01-edit-in-place: "true"
spec:
ingressClassName: {{ .Values.ingressClassName }}
tls:
- hosts:
- matrix.{{ .Values.domain }}
secretName: cert-matrix.{{ .Values.domain }}
- # secretName: cert-wildcard.{{ .Values.domain }}
rules:
- host: matrix.{{ .Values.domain }}
http:
@@ -74,6 +91,9 @@
metadata:
name: generate-config
namespace: {{ .Release.Namespace }}
+ annotations:
+ helm.sh/hook: pre-install
+ helm.sh/hook-weight: "-5"
spec:
template:
metadata:
@@ -179,6 +199,9 @@
metadata:
name: data
namespace: {{ .Release.Namespace }}
+ annotations:
+ helm.sh/hook: pre-install
+ helm.sh/hook-weight: "-10"
spec:
accessModes:
- ReadWriteOnce
diff --git a/charts/matrix/templates/well-known.yaml b/charts/matrix/templates/well-known.yaml
index 218e335..cd235cd 100644
--- a/charts/matrix/templates/well-known.yaml
+++ b/charts/matrix/templates/well-known.yaml
@@ -19,9 +19,6 @@
metadata:
name: well-known
namespace: {{ .Release.Namespace }}
- # annotations:
- # cert-manager.io/cluster-issuer: "{{ .Values.certificateIssuer }}"
- # acme.cert-manager.io/http01-edit-in-place: "true"
spec:
ingressClassName: {{ .Values.ingressClassName }}
tls: