feat: add dendrite and webserver that hosts well-known file for matrix
This commit is contained in:
parent
c07be6c8bf
commit
d9c34fdf34
File diff suppressed because one or more lines are too long
|
@ -0,0 +1,88 @@
|
|||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: dendrite
|
||||
namespace: default
|
||||
spec:
|
||||
interval: 5m
|
||||
chart:
|
||||
spec:
|
||||
chart: app-template
|
||||
version: 3.1.0
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: bjws-charts
|
||||
namespace: flux-system
|
||||
|
||||
values:
|
||||
controllers:
|
||||
main:
|
||||
# pod:
|
||||
# securityContext:
|
||||
# runAsNonRoot: true
|
||||
# runAsUser: 10000
|
||||
# runAsGroup: 10000
|
||||
# fsGroup: 10000
|
||||
# fsGroupChangePolicy: OnRootMismatch
|
||||
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: matrixdotorg/dendrite-monolith
|
||||
tag: v0.13.7
|
||||
|
||||
service:
|
||||
app:
|
||||
controller: main
|
||||
|
||||
ports:
|
||||
http:
|
||||
port: 8008
|
||||
|
||||
ingress:
|
||||
main:
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-production
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
|
||||
hosts:
|
||||
- host: "matrix.${SECRET_NEW_DOMAIN}"
|
||||
paths:
|
||||
- path: /
|
||||
service:
|
||||
identifier: app
|
||||
port: http
|
||||
- host: "${SECRET_NEW_DOMAIN}"
|
||||
paths:
|
||||
- path: /_matrix
|
||||
service:
|
||||
identifier: app
|
||||
port: http
|
||||
|
||||
persistence:
|
||||
config:
|
||||
type: configMap
|
||||
# mounts 'matrix_key.pem' and 'config.yaml'
|
||||
name: dendrite-config
|
||||
defaultMode: 0664
|
||||
globalMounts:
|
||||
- path: /etc/dendrite
|
||||
|
||||
searchindex:
|
||||
type: hostPath
|
||||
hostPath: /mnt/MainPool/Kubernetes/matrix/searchindex
|
||||
globalMounts:
|
||||
- path: /var/dendrite/searchindex
|
||||
|
||||
media-store:
|
||||
type: hostPath
|
||||
hostPath: /mnt/MainPool/Kubernetes/matrix/media
|
||||
globalMounts:
|
||||
- path: /var/dendrite/media_store
|
||||
|
||||
jetstream:
|
||||
type: hostPath
|
||||
hostPath: /mnt/MainPool/Kubernetes/matrix/jetstream
|
||||
globalMounts:
|
||||
- path: /var/dendrite/jetstream
|
|
@ -0,0 +1,5 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./config.sops.yaml
|
||||
- ./helm-release.yaml
|
|
@ -6,4 +6,6 @@ resources:
|
|||
- ./trilium
|
||||
- ./mealie
|
||||
- ./huginn
|
||||
- ./exim
|
||||
- ./exim
|
||||
- ./well-known-site
|
||||
- ./dendrite
|
|
@ -0,0 +1,71 @@
|
|||
kind: ConfigMap
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: well-known-site
|
||||
namespace: default
|
||||
data:
|
||||
nginx.conf: ENC[AES256_GCM,data:axWUHKsftk7FO1GeoTB1BpViXfoSfprYOTjibwNAYhE9SK7Y+iOQqu1rIJ/iq50FN3t0kzxuvhPrtzcAHS27Esq5MtRxklnyxq/kTy6kMZmlUTe0UmGWGIgA9NQ1GgUzGCO7QgfP0MKaSC4rr066uQNtlneZnMh68Je1ERYIaiJHjf0FS2Ugv1LRrnSkDXv+sHjHzXE+2u64dfe3jLWPG18CFEa+eTFNFaueajBecyFuGjlreh8kwFTuZI7CR9J+rKlUoq8KUcc5qo5DswVhVtHJTh0J1UDH64myF5Po6odSgpCFfIaLsdcAnI9mn8TnagBYR7H/PdAXGx6m4Z/nJKXM9dEK4ChPgKFoGj2ZnWcPonHwxakiekLi+fSaUKEfuX/F2wYTFozOIrmOkxehslan8JLLah+6DwtxLyFa6nioSK1IQ46EY5stx2weO7t95UzHgI6SI7HA46nVYH2orBl7MLDy7xi4vQtuK+Fgl1P2IV2wWOWrv4Wwsp2ztRn2/n91LISOVgmvWeYIwx5WreLB8RSGad0Pt4FJXXa2iydERXGa6IcjR6etmjrysW0XTimBmQFIbHgL6zk2NiPwtY47uRfiLSt4z29mFK6b8RIQ8htnTJIhbv6kQdt3clmimVfu11YZuqgnkcr/zxDr+zR3jGpM41sg+1XyMX7fueNDuNxL3tA/kwmqaYX4oJKWodzzls1XusrL+lQkzQt2M29nf4vDsNmFGqIl0ZFnYaZ1QuvJrMs/1yWN+34Qh0vNMnRqHZVAx+DiGw2rDKUzJUSj/+lINyRozjDAbTSU/rObPWYnC/0zCmZLpFT6PdiXzTdHMRYLoFhPgSEy4HXjGdaCn7WWI/TcAZLKGHFfHrgMnc78PK+93iEoa/n9sBte4ZfSb90i8g+81I6Lq0qmC3R01jkaVePkVDw967H+egoa0fcb3zuxx91KKycvazWvwqntFpWIeH3m27WzPnkKHujn2UUKw/E1tSjyPWhc1Wzzkyc0oetU8u9I3NPKpw6moecvJGFwztodYYilAJalMPjDoClZwc7wRxObXiM+PH+jlRlsYrTts7H5AIz3PWrT+SsiWaSp5WuKXz9l48IPOQ0KijgqvWf90Weq9vbSedWO+ffmroyEpTwBRNqmqT5s7HHXqGKWWT7arIrBLNJcyXVA7Ame/7F7MOAVaRY0VAhtQTMDIOCCPz31C6bz8k0oq6n14EKDLTQxCzcXt+LGY/3yig56WK2CPjP8Mx97/sxBK/7kS76lqUTNdpFi2Rb81tRD6aB5GsURhzXWFSdPaATk+NmYGT7nGYqlF+uaXUdPRZJiHsZXvrGUcb8c0cOA3BUBpDOfFAr8DC8o22fOBK6h4GXA/sM36xepls8aFzz0XyKEQf9J7qsDLc6qs99mqUqGLoAH1JyZi5oz7FpP8FqBmtojOhCs4kMGU9C3TJ0ID+cfmURAbW+revNkpt3ovioN2ClAAztDRru9CtnGJ10fkw1YJr1KRTNy5zIoJDC7sBoenk53DZVbjI996D8sWaWIzl2g9g==,iv:qWsILqDVZTjH/tI/IW/gKKTsn2LVo9k4UtokBGnEFEw=,tag:mjBdSGPDQ4byxT8iaf3yjA==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
azure_kv: []
|
||||
hc_vault: []
|
||||
age: []
|
||||
lastmodified: "2024-07-03T20:16:25Z"
|
||||
mac: ENC[AES256_GCM,data:FUx+4ZBrF9YwwAqhCCWnmec3VXUFT7wLx1weESsx4CGHvOPGoHE/ESJianpS+cYhCibbOn3gmP2axlPDNzXVwhXilSmGX6cz4BXsOeob2Z++cydbMtLAke5HZhCYJGZURKsFoG5c6zJNJAGASQxk9c6Xlg6CjOx6bjhEtqSUtic=,iv:LdOxS5SCWpEJT4l4OXsWZWWK5FIYo/bUzZtMiA1HhU8=,tag:lQ/Q8kP4xryW2wDXMEMKbg==,type:str]
|
||||
pgp:
|
||||
- created_at: "2024-07-03T20:16:25Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAyqlIeyoxYovAQ//XR0dmHqYjhjliN1sPdB+L1rlK4xaJPuguf87pAFfmxSW
|
||||
Yqs46j3sQe/h/qqUMi0dWhUo/Jk0r96Jmkjrq1Bu2iqvwpHnMo4s3LaVLNw59dwN
|
||||
QfPIY75IOSJnIm4eWr63qewZkTl1uwg3SfBBYrMHfC++eUZFXMziMUBCITf0Wi1J
|
||||
O44hOK7E3+aMHHvRbRcMi0h2J0gjiuPROhKfaRwYNxXtaUK3yuTYwp0sdNUdOsmU
|
||||
L5DkDQY8FQZjAJDi0elB/xuPvJwUKZ3flvnajm1zWs6Gp12RiPmxc3jIzmuMd+zq
|
||||
Z13PmogTj2xTIeVLya8L92cjIEGHFyWkbYGKeYuYoNfAUmw/6o8q4/TGDlHawC/B
|
||||
2rqSCSAepz+4+LPreAVNUQdxgulFB40NXGwLX6CXpSl886I6S1nKgAzlmjAZWmn/
|
||||
kmK2VRKVeCSVsu+vNuWlJYBxdxr6nQhPsDcuMAb2cbzc1bIwlJJEfWkYGM5sWxfG
|
||||
VAXik+Ru/803gRX4OgCVLc7+wQj8CZogANzFHk6sYSDUeOSNsywo5zoLhFDeyzR5
|
||||
WbmWNTnBzu6N85giDAupP+UWQexqnVAvlX7mIsJ504RsKNqlEgexMJ+Tr6rZ58Ye
|
||||
kQXui+CwxLpbSSPV/ir0iA+Wsw1B/8bPs6snGlZ/LkHWXb3ViyO8zCG/hKtEUTSF
|
||||
AgwDXjg0p2IN1X8BEADb6FuwnGRu1xMQguJAXRKkzxJIBJmN1+eWJQPrF7XzMzRr
|
||||
0uiMAn/SBNkEv6ATExHX25uRy+F107GNZ5pNaKwgkC+hDRQmgfhvyELsel+S38lz
|
||||
hXEC4/CcxNetc8zZifPPdR6cK1fJLUMfgKUu8RH/2TNfwMJW+51WYS63PiLGRphk
|
||||
mNO98gQ5kUjuOslBCLcwmG3dc/xh/zK5/AECVQHNXOuoUuRgfO75UzJ2NuLbDS9X
|
||||
8bzjNlSBPp6mPI60LZrveuT8kgFHPVgxxqSAAzQcwIVMjx8q5qGpOZUOZsppYeqh
|
||||
ejRBwPbNOx8+jrlkzsfvkO1B7Z2lgSHf6lWhhU7LMvw3NEoY7mnXY8TBww38Y73E
|
||||
uwaMSUdmxStzVEqkoGyhtydZHkNf4uN97oWuVS9TPg0AmvkpicfhwLGZ6eqZROjY
|
||||
sRnacfV1lNtqFgUaV68yz0khZRBsagfNZK0sWSfeIG6Y0JMWaimdqQlBWOoYBNK+
|
||||
+UKcXUNHzy6B5pyxHWBxm2LrrdTBrlftWoLO57UuMeu5YAOFizWO02GztCtNv1NR
|
||||
4TF0rkdsCBSrbt0kukAb6yQH4IEjWtve0b6x6zY8iGjbyseUuYWVUfXtKSifkX3Z
|
||||
566/VaRQv93Bm3Hs/WgOYdln85n4QD/uS91SLk+iMbqqy8eFQfPcK4ATQVeva9Ro
|
||||
AQkCEDNDyCBStpQg7D0pYMZV6MNnEoWy4t/XX3dV/TRyhs5ndjLk5+nRIJsN+Nbk
|
||||
0Ikb154Mm4FUEJ4fC/yrJTfE84noY9loMsuwNmcFjhoBmOhUBL2hKXbzegE7GqeS
|
||||
tWvPLQzkrUc=
|
||||
=4iOt
|
||||
-----END PGP MESSAGE-----
|
||||
fp: BD1AAF9D8170F4BEE437365FF6F0933799CFEBCD
|
||||
- created_at: "2024-07-03T20:16:25Z"
|
||||
enc: |-
|
||||
-----BEGIN PGP MESSAGE-----
|
||||
|
||||
hQIMAy5t8IMoPu4VAQ//XVCMS5Ss1fw56d+Gfbskcc13P8/YVhH3Pmh/KVxb6MIY
|
||||
52I/RcUBwQb14fhYJ6FjSLPYyjlU85y3d60sp57cmbVts8S9NI8jkc/m91n94VgI
|
||||
HvLidGcG0hBSlsfknf7ra2hdRjpgdzo21uKN6u1XrtjFTip9xTadI8EcDZopSwpX
|
||||
FxjZCdd8zN4cAMdsNp9y32+OVQIUV6IAMp+BrPZMgqBXDQJ/hjU/t+7PCZo6+4Q7
|
||||
RSqIoGldKAG9g+fGQ9HYN5q6sHbSH7k/2kOIaqyelgSA7N9Csv90UYSjIx3TlC5O
|
||||
jc3WIoIi6jSKic5uMxX0mlfQoLCsQ6i/FWZMqQeaDCyZP0nny+6JD1OqVuPUtFa8
|
||||
SbfNnuj3vZTGd20um3ttdv03e3/eqblJvlG41FpLPPo7CK9mUyCa2cWNCjwrLPo/
|
||||
GCBTnHGjDSqFtG2D8NYmTnOVe5irCj05OZjWH4WmFeWr49RzOgQhrQRvaFAwjnJT
|
||||
eFvKWPgD/zHT2yOPvwFfIFoWkNGKiHsxwJ+YJ969QI8qO6yinzpLQpmlXB3v3ucJ
|
||||
gep5SOnOeWDVywAb6NTUMDimRhL4iLh+tnpoRU4D2N16RkQ2BVGuSbYgGHf4KYnc
|
||||
d6KHFKkNEywR4JMiffHWo7bMZYWluydRcM9/pTmuH29h3Fxa5dXGwtlvkztcAIbU
|
||||
aAEJAhDEcsZXQZtkdptMq/UmflbJXVF/y3T8PaZHfGWQ2Lk1Tj/1zmKjMns8mc9d
|
||||
+ItVxpfReHej8hUkvjPdEIWKykuiClPSam6T7ncNc+WNTs56nPs4e8gQ/ijHqywa
|
||||
L6k5MEgvpQCs
|
||||
=qyn/
|
||||
-----END PGP MESSAGE-----
|
||||
fp: 687802D4DFD8AA82EA55666CF7DADAC782D7663D
|
||||
encrypted_regex: ^(data|stringData)$
|
||||
version: 3.8.1
|
|
@ -0,0 +1,57 @@
|
|||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
name: well-known-site
|
||||
namespace: default
|
||||
spec:
|
||||
interval: 5m
|
||||
chart:
|
||||
spec:
|
||||
chart: app-template
|
||||
version: 3.1.0
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: bjws-charts
|
||||
namespace: flux-system
|
||||
|
||||
values:
|
||||
controllers:
|
||||
main:
|
||||
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: nginxinc/nginx-unprivileged
|
||||
tag: 1.27.0-alpine
|
||||
|
||||
service:
|
||||
app:
|
||||
controller: main
|
||||
|
||||
ports:
|
||||
http:
|
||||
port: 8080
|
||||
|
||||
ingress:
|
||||
main:
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-production
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
|
||||
hosts:
|
||||
- host: "${SECRET_NEW_DOMAIN}"
|
||||
paths:
|
||||
- path: /.well-known
|
||||
service:
|
||||
identifier: app
|
||||
port: http
|
||||
|
||||
persistence:
|
||||
config:
|
||||
name: well-known-site
|
||||
type: configMap
|
||||
defaultMode: 0664
|
||||
globalMounts:
|
||||
- subPath: nginx.conf
|
||||
path: /etc/nginx/nginx.conf
|
|
@ -0,0 +1,5 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
resources:
|
||||
- ./config.sops.yaml
|
||||
- ./helm-release.yaml
|
Loading…
Reference in New Issue