From a0c5e6b066fc84bf9233561fb17b3d3d99a3fd55 Mon Sep 17 00:00:00 2001
From: WrenIX
Date: Fri, 23 Aug 2024 08:41:22 +0200
Subject: [PATCH] feat(mycloud-matrix): add element-call support - WIP
---
base-values/mycloud-matrix-call.yaml | 15 ++++
.../templates/clients/element-call.yaml | 80 +++++++++++++++++++++++++++++++
mycloud-matrix/templates/clients/element.yaml | 12 +++
mycloud-matrix/templates/server/synapse.yaml | 14 +++-
mycloud-matrix/values.yaml | 39 +++++++--
5 files changed, 151 insertions(+), 9 deletions(-)
create mode 100644 base-values/mycloud-matrix-call.yaml
create mode 100644 mycloud-matrix/templates/clients/element-call.yaml
diff --git a/base-values/mycloud-matrix-call.yaml b/base-values/mycloud-matrix-call.yaml
new file mode 100644
index 0000000..da35053
--- /dev/null
+++ b/base-values/mycloud-matrix-call.yaml
@@ -0,0 +1,15 @@
+##
+# commons are from mycloud-core
+##
+
+components:
+ mycloud-matrix:
+ # patch mycloud-core to get another database
+ values:
+ livekit:
+ enabled: true
+ ingress:
+ livekit:
+ enabled: true
+ elementCall:
+ enabled: true
diff --git a/mycloud-matrix/templates/clients/element-call.yaml b/mycloud-matrix/templates/clients/element-call.yaml
new file mode 100644
index 0000000..106bd2c
--- /dev/null
+++ b/mycloud-matrix/templates/clients/element-call.yaml
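Review bot: In base-values/mycloud-matrix-call.yaml the comment `# patch mycloud-core to get another database` does not describe the values beneath it, which only switch on livekit and element-call; something like `# enable the LiveKit SFU and Element Call on top of mycloud-core` would match. Within this patch no template reads `livekit.enabled` or `ingress.livekit.enabled`, so with this overlay Element Call is pointed at an `sfu.call.<domain>` endpoint that nothing shown here deploys. If that is the WIP part, a `# TODO` beside those two keys would say so.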
@@ -0,0 +1,80 @@
+{{- if .Values.ingress.elementCall.enabled }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{.Release.Name }}-livekit
+data:
+ secret: {{ .Values.ingress.elementCall.livekitJWT.livekit.secret | default .Values.livekit.secret | default (derivePassword 1 "long" .Values.commons.masterPassword "matrix" "livekit_secret") | b64enc }}
+---
+apiVersion: helm.toolkit.fluxcd.io/v2beta2
+kind: HelmRelease
+metadata:
+ name: "{{.Release.Name }}-element-call"
+spec:
+ chart:
+ spec:
+ sourceRef:
+ kind: GitRepository
+ name: "wrenix-helm-charts"
+ namespace: "flux-system"
+ chart: "element-call"
+ install:
+ {{- toYaml .Values.commons.helm.release.install | nindent 4 }}
+ test:
+ {{- toYaml .Values.commons.helm.release.test | nindent 4 }}
+ upgrade:
+ {{- toYaml .Values.commons.helm.release.upgrade | nindent 4 }}
+ driftDetection:
+ {{- toYaml .Values.commons.helm.release.driftDetection | nindent 4 }}
+ interval: 10m
+ valuesFrom:
+ - kind: Secret
+ name: {{.Release.Name }}-livekit
+ valuesKey: secret
+ targetPath: service.lkJWT.config.secret
+ values:
+ ingress:
+ enabled: true
+ annotations:
+ {{- with mergeOverwrite (dict) .Values.commons.ingress.annotations .Values.ingress.elementCall.annotations }}
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- if .Values.commons.ingress.tls.enabled }}
+ tls:
+ {{- with .Values.commons.ingress.tls.override }}
+ {{- toYaml . | nindent 8 }}
+ {{- else }}
+ - secretName: "mycloud-matrix-element-call-cert"
+ hosts:
+ - {{ .Values.ingress.elementCall.host | default (printf "call.%s" .Values.commons.ingress.domain) }}
+ {{- end }}
+ {{- end }}
+ service:
+ call:
+ ingress:
+ host: {{ .Values.ingress.elementCall.host | default (printf "call.%s" .Values.commons.ingress.domain) }}
+ config:
+ {{- with .Values.commons.tracing }}
+ {{- if .enabled }}
+ opentelemetry:
+ {{- if .grpc.enabled }}
+ url: grpc://{{ .http.endpoint }}
+ {{- else }}
+ url: {{ .http.endpoint }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ default_server_config:
+ "m.homeserver":
+ base_url: "https://{{ include "mycloud-matrix.host.server" . }}/"
+ server_name: {{ include "mycloud-matrix.domain" . | quote }}
+ livekit:
+ livekit_service_url: "https://{{ .Values.ingress.elementCall.livekitJWT.host | default .Values.ingress.elementCall.host | default (printf "call.%s" .Values.commons.ingress.domain) }}"
+ lkJWT:
+ ingress:
+ host: {{ .Values.ingress.elementCall.livekitJWT.host | default .Values.ingress.elementCall.host | default (printf "call.%s" .Values.commons.ingress.domain) }}
+ config:
+ key: {{ .Values.ingress.elementCall.livekitJWT.livekit.key | default .Values.livekit.key }}
+ url: "wss://{{ .Values.ingress.livekit.host | default (printf "sfu.call.%s" .Values.commons.ingress.domain) }}"
+{{- end }}
diff --git a/mycloud-matrix/templates/clients/element.yaml b/mycloud-matrix/templates/clients/element.yaml
index 5747244..bdee4ac 100644
--- a/mycloud-matrix/templates/clients/element.yaml
+++ b/mycloud-matrix/templates/clients/element.yaml
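Review bot: The fallback for the LiveKit API secret in templates/clients/element-call.yaml is `derivePassword 1 "long" …`, and the "long" template yields a short, pattern-constrained password (14 characters, as far as I recall), which is thin for a key that the JWT service presumably uses to sign LiveKit access tokens; LiveKit itself, if I remember correctly, warns on secrets shorter than 32 characters. Nothing consumes this derived value yet, so the derivation can be widened without a migration, for example `(derivePassword 1 "maximum" .Values.commons.masterPassword "matrix" "livekit_secret" | sha256sum)` in place of the current fallback. Separately, the `.grpc.enabled` branch of the tracing block builds its URL from `.http.endpoint`, which looks like a copy of the else branch; confirm whether a gRPC endpoint value was intended there.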
@@ -38,6 +38,18 @@ spec: config: sso_redirect_options: on_welcome_page: true + features: + feature_notifications: true + feature_video_rooms: true + feature_new_room_decoration_ui: true + feature_location_share_live: true + {{- if .Values.ingress.elementCall.enabled }} + feature_element_call_video_rooms: true + feature_group_calls: true + element_call: + url: "https://{{ .Values.ingress.elementCall.host | default (printf "call.%s" .Values.commons.ingress.domain) }}" + use_exclusively: true + {{- end }} ingress: enabled: true annotations: diff --git a/mycloud-matrix/templates/server/synapse.yaml b/mycloud-matrix/templates/server/synapse.yaml index dd232ee..64e60ea 100644 --- a/mycloud-matrix/templates/server/synapse.yaml +++ b/mycloud-matrix/templates/server/synapse.yaml @@ -64,11 +64,12 @@ spec: smtp_user: {{ .Values.commons.mail.username | quote }} smtp_pass: {{ .Values.commons.mail.password | quote }} app_name: "{{ .Values.commons.theme.title }}-matrix" - # TODO - # notif_from: {{ .Values.server.mail.from | default (printf "\"[%s] %s\" <%s>" .Values.commons.theme.title "matrix" .Values.commons.mail.from) | quote }} - notif_from: {{ .Values.server.mail.from | default .Values.commons.mail.from | quote }} - {{- if .Values.server.authenticationService.enabled }} + notif_from: {{ .Values.server.mail.from | default (printf "\"[%s] %s\" <%s>" .Values.commons.theme.title "matrix" .Values.commons.mail.from) | quote }} experimental_features: + {{- if .Values.ingress.elementCall.enabled }} + msc3266_enabled: true + {{- end }} + {{- if .Values.server.authenticationService.enabled }} msc3202_device_masquerading: true msc3861: enabled: true 
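Review bot: In templates/clients/element.yaml only the element-call keys sit inside the `{{- if .Values.ingress.elementCall.enabled }}` guard; `feature_notifications`, `feature_video_rooms`, `feature_new_room_decoration_ui` and `feature_location_share_live` are switched on for every install. These flags are unrelated to the commit's subject, and live location sharing in particular changes what users can expose about themselves, so an operator should be able to opt in rather than inherit it. Consider moving them behind a values key, or at least adding `# labs features enabled for all deployments, independent of element-call` above them. The enclosing `config:` block starts outside the hunk.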
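Review bot: The new `notif_from` default in templates/server/synapse.yaml wraps `.Values.commons.mail.from` in `<…>` and places `.Values.commons.theme.title` inside a quoted display name, so it is only well-formed when `mail.from` is a bare address and the title contains no `"` or `\`; the line it replaces passed `mail.from` through untouched and accepted either form. The removed `# TODO` gave no reason why this expression had been parked, so it is worth rendering the chart once and checking the resulting header before relying on it. A comment such as `# commons.mail.from must be a bare address, not "Name <addr>"` above the line would record the assumption. Note also that `experimental_features:` is now emitted even when both guards are false, and the `{{- end }}` closing the authenticationService guard lies outside the hunk.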
@@ -187,6 +188,11 @@ spec: issuer: "https://{{ include "mycloud-matrix.host.authenticationService" . }}/" account: "https://{{ include "mycloud-matrix.host.authenticationService" . }}/account/" {{- end }} + {{- if .Values.ingress.elementCall.enabled }} + org.matrix.msc4143.rtc_foci: + - type: "livekit" + livekit_service_url: https://{{ .Values.ingress.elementCall.livekitJWT.host | default .Values.ingress.elementCall.host | default (printf "call.%s" .Values.commons.ingress.domain) }} + {{- end }} resources: requests: cpu: 0.1 diff --git a/mycloud-matrix/values.yaml b/mycloud-matrix/values.yaml index 7e940ed..e375c34 100644 --- a/mycloud-matrix/values.yaml +++ b/mycloud-matrix/values.yaml @@ -155,29 +155,58 @@ bridge: enabled: false admins: [] +livekit: + # -- deploy livekit for usage with element-call + enabled: false + # -- key for api (kind of username) + key: dev + # -- secret for api a kind of password (default: generated by .commons.masterPassword) + secret: + ingress: server: # -- default: matrix.(.commons.ingress.domain) host: - annotations: + annotations: {} slidingSync: # -- default: sliding.matrix.(.commons.ingress.domain) host: - annotations: + annotations: {} authenticationService: # -- default: auth.matrix.(.commons.ingress.domain) host: - annotations: + annotations: {} element: enabled: true # -- default: element.(.commons.ingress.domain) host: - annotations: + annotations: {} hydrogen: enabled: false # -- default: hydrogen.(.commons.ingress.domain) host: - annotations: + annotations: {} + livekit: + enabled: false + # -- default: sfu.call.(.commons.ingress.domain) + host: + annotations: {} + elementCall: + # -- deploy element-call + enabled: false + # -- default: call.(.commons.ingress.domain) + host: + annotations: {} + livekitJWT: + # -- default: call.(.commons.ingress.domain) + host: + livekit: + # -- default: .ingress.livekit.host + host: + # -- default: .livekit.key + key: + # -- default: .livekit.secret + secret: databases: server:
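Review bot: `livekit_service_url` under `org.matrix.msc4143.rtc_foci` in templates/server/synapse.yaml is written as an unquoted `https://{{ … }}` scalar, while the same URL in element-call.yaml is double-quoted; quote it here too so an unexpected host value cannot change how the line parses. The three-level `livekitJWT.host | default elementCall.host | default (printf "call.%s" …)` chain now appears in this file and twice in element-call.yaml, and the homeserver, the client and the JWT service ingress must agree on it exactly, so it is a good candidate for a named template alongside the existing `mycloud-matrix.host.server` include. The block this is added to starts outside the hunk.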
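Review bot: `ingress.elementCall.livekitJWT.livekit.host` is documented in values.yaml as defaulting to `.ingress.livekit.host`, but the lkJWT `url` in element-call.yaml reads `.Values.ingress.livekit.host` directly and never consults this key, so setting it has no effect in this patch. Either drop the key or use it in the template ahead of the existing default. The default `key: dev` reads like a development placeholder for the API credential paired with the derived secret, so a comment such as `# -- change for production; must match the key configured on the LiveKit server` would make the expectation explicit.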