Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / 56c156990d6bb507a228f6a61fbe75550d100b6b^! / . / apps / matrix / install.yaml
commit56c156990d6bb507a228f6a61fbe75550d100b6b[log] [tgz]
authorgiolekva <giolekva@gmail.com>Wed Oct 20 11:44:54 2021 +0400
committergiolekva <giolekva@gmail.com>Wed Oct 20 11:44:54 2021 +0400
tree41b8c11a9e294d462d0a4f05a189abaf16383dcc
parentd02702262dfc4b20030efb0f888305f5ae5bc0d1 [diff] [blame]
Matrix: orginize code

diff --git a/apps/matrix/install.yaml b/apps/matrix/install.yaml
index 237eb6f..1519b86 100644
--- a/apps/matrix/install.yaml
+++ b/apps/matrix/install.yaml

@@ -1,8 +1,38 @@
-# ---
-# apiVersion: v1
-# kind: Namespace
-# metadata:
-#   name: app-matrix
+# TODO(giolekva): cleanup volumes
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: app-matrix
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  creationTimestamp: null
+  name: CreateConfigMaps
+  namespace: app-matrix
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - configmaps
+  verbs:
+  - create
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  creationTimestamp: null
+  name: default-CreateConfigMaps
+  namespace: app-matrix
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: CreateConfigMaps
+subjects:
+- kind: ServiceAccount
+  name: default
+  namespace: app-matrix
 ---
 apiVersion: v1
 kind: Service
@@ -24,16 +54,15 @@
 metadata:
   name: ingress
   namespace: app-matrix
-  # annotations:
-  #   cert-manager.io/cluster-issuer: "letsencrypt-prod"
-  #   acme.cert-manager.io/http01-edit-in-place: "true"
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+    acme.cert-manager.io/http01-edit-in-place: "true"
 spec:
   ingressClassName: nginx
   tls:
   - hosts:
     - matrix.lekva.me
-    # secretName: cert-matrix.lekva.me
-    secretName: cert-wildcard.lekva.me
+    secretName: cert-matrix.lekva.me
   rules:
   - host: matrix.lekva.me
     http:
@@ -46,6 +75,70 @@
             port:
               name: http
 ---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: generate-config
+  namespace: app-matrix
+spec:
+  template:
+    metadata:
+      labels:
+        app: generate-config
+    spec:
+      restartPolicy: OnFailure
+      volumes:
+      - name: data
+        persistentVolumeClaim:
+          claimName: matrix-data
+      - name: config
+        persistentVolumeClaim:
+          claimName: matrix-config
+      - name: homeserver-config
+        persistentVolumeClaim:
+          claimName: matrix-homeserver-config
+      initContainers:
+      - name: matrix
+        image: matrixdotorg/synapse:v1.43.0
+        imagePullPolicy: IfNotPresent
+        ports:
+        - name: http
+          containerPort: 8008
+          protocol: TCP
+        env:
+        - name: SYNAPSE_SERVER_NAME
+          value: "lekva.me"
+        - name: SYNAPSE_REPORT_STATS
+          value: "no"
+        - name: SYNAPSE_CONFIG_DIR
+          value: "/data"
+        - name: SYNAPSE_CONFIG_PATH
+          value: "/data/homeserver.yaml"
+        - name: SYNAPSE_DATA_DIR
+          value: "/data"
+        command: ["/start.py"]
+        args: ["generate"]
+        volumeMounts:
+        - name: data
+          mountPath: /data
+        # - name: config
+        #   mountPath: /matrix-config
+        - name: homeserver-config
+          mountPath: /homeserver-config
+      containers:
+      - name: capture-config
+        image: giolekva/capture-config:latest
+        imagePullPolicy: Always
+        command: ["capture-config"]
+        args: ["--config=/data/homeserver.yaml", "--namespace=app-matrix", "--config-map-name=config"]
+        volumeMounts:
+        - name: data
+          mountPath: /data
+        # - name: config
+        #   mountPath: /matrix-config
+        - name: homeserver-config
+          mountPath: /homeserver-config
+---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -65,6 +158,12 @@
       - name: data
         persistentVolumeClaim:
           claimName: matrix-data
+      - name: config
+        persistentVolumeClaim:
+          claimName: matrix-config
+      - name: homeserver-config
+        configMap:
+          name: config
       containers:
       - name: matrix
         image: matrixdotorg/synapse:v1.43.0
@@ -80,15 +179,19 @@
           value: "no"
         - name: SYNAPSE_CONFIG_DIR
           value: "/data"
+        - name: SYNAPSE_CONFIG_PATH
+          value: "/homeserver-config/homeserver.yaml"
         - name: SYNAPSE_DATA_DIR
           value: "/data"
-        # - name: SYNAPSE_CONFIG_PATH
-        #   value: "/etc/matrix/homeserver.yaml"
         command: ["/start.py"]
-        # args: ["generate"]
         volumeMounts:
         - name: data
           mountPath: /data
+        # - name: config
+        #   mountPath: /matrix-config
+        - name: homeserver-config
+          mountPath: /homeserver-config
+          readOnly: true
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
@@ -100,4 +203,28 @@
     - ReadWriteOnce
   resources:
     requests:
-      storage: 100Gi
+      storage: 10Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: matrix-config
+  namespace: app-matrix
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 10Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: matrix-homeserver-config
+  namespace: app-matrix
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 10Gi