diff --git a/conduit/Chart.yaml b/conduit/Chart.yaml index 7f1cab6..5c27c93 100644 --- a/conduit/Chart.yaml +++ b/conduit/Chart.yaml @@ -4,5 +4,5 @@ description: Conduit is a simple, fast and reliable chat server powered by Matri type: application -version: 0.1.0 +version: 0.2.0 appVersion: "0.6.0" diff --git a/conduit/templates/deployment.yaml b/conduit/templates/deployment.yaml index 5669c58..2e64e00 100644 --- a/conduit/templates/deployment.yaml +++ b/conduit/templates/deployment.yaml @@ -8,9 +8,12 @@ spec: {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} {{- end }} + strategy: + type: Recreate selector: matchLabels: {{- include "conduit.selectorLabels" . | nindent 6 }} + type: conduit template: metadata: {{- with .Values.podAnnotations }} @@ -19,6 +22,7 @@ spec: {{- end }} labels: {{- include "conduit.selectorLabels" . | nindent 8 }} + type: conduit spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: @@ -58,14 +62,20 @@ spec: value: "/var/lib/matrix-conduit" - name: "CONDUIT_DATABASE_BACKEND" value: "rocksdb" - - name: "CONDUIT_ALLOW_REGISTRATION" - value: {{ .Values.conduit.allowRegistration | quote }} - - name: "CONDUIT_ALLOW_FEDERATION" - value: {{ .Values.conduit.allowFederation | quote }} - name: "CONDUIT_ALLOW_CHECK_FOR_UPDATE" value: "false" + - name: "CONDUIT_ALLOW_REGISTRATION" + value: {{ .Values.conduit.allowRegistration | quote }} + - name: "CONDUIT_ALLOW_ENCRYPTION" + value: {{ .Values.conduit.allowEncryption | quote }} + - name: "CONDUIT_ALLOW_FEDERATION" + value: {{ .Values.conduit.allowFederation | quote }} + - name: "CONDUIT_ALLOW_ROOM_CREATION" + value: {{ .Values.conduit.allowRoomCreation | quote }} + - name: "CONDUIT_ALLOW_UNSTABLE_ROOM_VERSIONS" + value: {{ .Values.conduit.allowUnstableRoomVersions | quote }} - name: "CONDUIT_TRUSTED_SERVERS" - value: {{ toJSON .Values.conduit.trustedServers | quote }} + value: {{ toJson .Values.conduit.trustedServers | quote }} - name: "CONDUIT_MAX_REQUEST_SIZE" value: {{ .Values.conduit.maxRequestSize | quote }} {{- with .Values.conduit.maxConcurrentRequests }} @@ -76,6 +86,14 @@ spec: - name: "CONDUIT_LOG" value: {{ . | quote }} {{- end }} + {{- with .Values.conduit.registrationToken }} + - name: "CONDUIT_REGISTRATION_TOKEN" + value: {{ . | quote }} + {{- end }} + {{- with .Values.conduit.wellKnownClient }} + - name: "CONDUIT_WELL_KNOWN_CLIENT" + value: {{ . | quote }} + {{- end }} volumeMounts: - name: "data" mountPath: "/var/lib/matrix-conduit" diff --git a/conduit/templates/ingress.yaml b/conduit/templates/ingress.yaml index 9c954af..1962e8b 100644 --- a/conduit/templates/ingress.yaml +++ b/conduit/templates/ingress.yaml @@ -58,4 +58,23 @@ spec: {{- end }} {{- end }} {{- end }} + {{- if and .Values.wellknown.enabled }} + - host: {{ .Values.conduit.server_name }} + http: + paths: + - path: /.well-known/matrix/server + pathType: Prefix + backend: + service: + name: {{ include "conduit.fullname" . }}-wellknown + port: + name: http + - path: /.well-known/matrix/client + pathType: Prefix + backend: + service: + name: {{ include "conduit.fullname" . }}-wellknown + port: + name: http + {{- end }} {{- end }} diff --git a/conduit/templates/service.yaml b/conduit/templates/service.yaml index 55cb2b2..c85ff07 100644 --- a/conduit/templates/service.yaml +++ b/conduit/templates/service.yaml @@ -13,3 +13,4 @@ spec: name: http selector: {{- include "conduit.selectorLabels" . | nindent 4 }} + type: conduit diff --git a/conduit/templates/wellknown/configmap.yaml b/conduit/templates/wellknown/configmap.yaml new file mode 100644 index 0000000..868c59c --- /dev/null +++ b/conduit/templates/wellknown/configmap.yaml @@ -0,0 +1,11 @@ +{{- if .Values.wellknown.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "conduit.fullname" . }}-wellknown + labels: + {{- include "conduit.labels" . | nindent 4 }} +data: + server: {{ toJson .Values.wellknown.server | quote }} + client: {{ toJson .Values.wellknown.client | quote }} +{{- end }} \ No newline at end of file diff --git a/conduit/templates/wellknown/deployment.yaml b/conduit/templates/wellknown/deployment.yaml new file mode 100644 index 0000000..27ef41f --- /dev/null +++ b/conduit/templates/wellknown/deployment.yaml @@ -0,0 +1,72 @@ +{{- if .Values.wellknown.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "conduit.fullname" . }}-wellknown + labels: + {{- include "conduit.labels" . | nindent 4 }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + selector: + matchLabels: + {{- include "conduit.selectorLabels" . | nindent 6 }} + type: wellknown + template: + metadata: + {{- with .Values.wellknown.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "conduit.selectorLabels" . | nindent 8 }} + type: wellknown + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "conduit.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.wellknown.podSecurityContext | nindent 8 }} + containers: + - name: wellknown + securityContext: + {{- toYaml .Values.wellknown.securityContext | nindent 12 }} + image: "{{ .Values.wellknown.image.repository }}:{{ .Values.wellknown.image.tag }}" + imagePullPolicy: {{ .Values.wellknown.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.wellknown.containerPort }} + protocol: TCP + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + - name: "data" + mountPath: "/usr/share/nginx/html/.well-known/matrix/" + {{- with .Values.wellknown.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.wellknown.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.wellknown.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: "data" + configMap: + name: {{ include "conduit.fullname" . }}-wellknown +{{- end }} \ No newline at end of file diff --git a/conduit/templates/wellknown/service.yaml b/conduit/templates/wellknown/service.yaml new file mode 100644 index 0000000..780e068 --- /dev/null +++ b/conduit/templates/wellknown/service.yaml @@ -0,0 +1,18 @@ +{{- if .Values.wellknown.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "conduit.fullname" . }}-wellknown + labels: + {{- include "conduit.labels" . | nindent 4 }} +spec: + type: {{ .Values.wellknown.service.type }} + ports: + - port: {{ .Values.wellknown.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "conduit.selectorLabels" . | nindent 4 }} + type: wellknown +{{- end }} diff --git a/conduit/values.yaml b/conduit/values.yaml index e019315..88c0fe9 100644 --- a/conduit/values.yaml +++ b/conduit/values.yaml @@ -26,14 +26,51 @@ serviceAccount: conduit: server_name: "your.server.name" allowRegistration: false + allowEncryption: true allowFederation: true + allowRoomCreation: true + allowUnstableRoomVersions: true trustedServers: - "matrix.org" - maxRequestSize: "20_000_000" # in bytes, ~20 MB + maxRequestSize: "20000000" # in bytes, ~20 MB # maxConcurrentRequests: 100 maxConcurrentRequests: # log: "warn,rocket=off,_=off,sled=off" log: + registrationToken: + wellKnownClient: "your.server.name" + +wellknown: + enabled: true + image: + repository: nginx + pullPolicy: IfNotPresent + tag: "1.25" + + replicaCount: 1 + podAnnotations: [] + podSecurityContext: {} + securityContext: {} + containerPort: 80 + env: [] + resources: {} + nodeSelector: {} + tolerations: [] + affinity: {} + + service: + type: ClusterIP + port: 8080 + annotations: {} + + # TO EDIT: + server: + "m.server": "your.server.name:443" + client: + "m.homeserver": + "base_url": "https://your.server.name/" + "org.matrix.msc3575.proxy": + "url": "https://your.server.name/" podAnnotations: {} @@ -50,7 +87,7 @@ securityContext: {} service: type: ClusterIP - port: 80 + port: 6167 ingress: enabled: false