From c5eda3d891c27e0d564014877aae5add49914c27 Mon Sep 17 00:00:00 2001 From: Sebastian Wendel Date: Tue, 17 Jan 2023 17:03:45 +0100 Subject: [PATCH] added matrix synapse deployment --- apps/gitea/values.yaml | 4 +-- apps/interfacer-core/values.yaml | 2 +- apps/kustomization.yaml | 1 + apps/synapse/kustomization.yaml | 11 +++++++ apps/synapse/namespace.yaml | 5 +++ apps/synapse/secret.yaml | 4 +++ apps/synapse/values.yaml | 31 +++++++++++++++++++ base/cert-manager/letsencrypt.yaml | 4 +-- overlays/prod/interfacer-core/ingress.yaml | 8 ++--- .../prod/interfacer-webpresence/ingress.yaml | 4 +-- overlays/prod/kustomization.yaml | 1 + overlays/prod/synapse/ingress.yaml | 24 ++++++++++++++ overlays/prod/synapse/kustomization.yaml | 4 +++ 13 files changed, 92 insertions(+), 11 deletions(-) create mode 100644 apps/synapse/kustomization.yaml create mode 100644 apps/synapse/namespace.yaml create mode 100644 apps/synapse/secret.yaml create mode 100644 apps/synapse/values.yaml create mode 100644 overlays/prod/synapse/ingress.yaml create mode 100644 overlays/prod/synapse/kustomization.yaml diff --git a/apps/gitea/values.yaml b/apps/gitea/values.yaml index 3a84ad6..8ef5126 100644 --- a/apps/gitea/values.yaml +++ b/apps/gitea/values.yaml @@ -17,14 +17,14 @@ ingress: kubernetes.io/tls-acme: "true" cert-manager.io/cluster-issuer: letsencrypt-http hosts: - - host: code.example.org + - host: code.k8s.dev.fabcity-hamburg.de paths: - path: / pathType: Prefix tls: - secretName: interfacer-gitea-tls hosts: - - code.example.org + - code.k8s.dev.fabcity-hamburg.de resources: requests: cpu: 100m diff --git a/apps/interfacer-core/values.yaml b/apps/interfacer-core/values.yaml index 2ce3eb1..9445188 100644 --- a/apps/interfacer-core/values.yaml +++ b/apps/interfacer-core/values.yaml @@ -1,3 +1,3 @@ --- gateway: - url: "https://gateway.example.org/" + url: "https://gateway.k8s.dev.fabcity-hamburg.de/" diff --git a/apps/kustomization.yaml b/apps/kustomization.yaml index 08a4ae1..dfc5929 100644 --- a/apps/kustomization.yaml +++ b/apps/kustomization.yaml @@ -3,3 +3,4 @@ resources: - interfacer-webpresence - interfacer-core - gitea + - synapse diff --git a/apps/synapse/kustomization.yaml b/apps/synapse/kustomization.yaml new file mode 100644 index 0000000..37ebac1 --- /dev/null +++ b/apps/synapse/kustomization.yaml @@ -0,0 +1,11 @@ +--- +namespace: synapse +resources: + - namespace.yaml +helmCharts: + - name: matrix-synapse + version: 3.0.0 + releaseName: interfacer-synapse + namespace: synapse + repo: https://ananace.gitlab.io/charts + valuesFile: values.yaml diff --git a/apps/synapse/namespace.yaml b/apps/synapse/namespace.yaml new file mode 100644 index 0000000..6aef1d1 --- /dev/null +++ b/apps/synapse/namespace.yaml @@ -0,0 +1,5 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: synapse diff --git a/apps/synapse/secret.yaml b/apps/synapse/secret.yaml new file mode 100644 index 0000000..106933f --- /dev/null +++ b/apps/synapse/secret.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Secret +metadata: + name: synapse-tls diff --git a/apps/synapse/values.yaml b/apps/synapse/values.yaml new file mode 100644 index 0000000..2802be7 --- /dev/null +++ b/apps/synapse/values.yaml @@ -0,0 +1,31 @@ +--- +serverName: 'k8s.dev.fabcity-hamburg.de' + +config: + publicBaseurl: 'https://matrix.k8s.dev.fabcity-hamburg.de' + reportStats: true + enableRegistration: true + trustedKeyServers: + - server_name: matrix.org + +extraConfig: + enable_search: true + enable_registration_without_verification: true + allow_public_rooms_over_federation: true + dynamic_thumbnails: true + +wellknown: + enabled: true + replicaCount: 1 + server: + m.server: matrix.k8s.dev.fabcity-hamburg.de:443 + client: + m.homeserver: + base_url: https://matrix.k8s.dev.fabcity-hamburg.de + extraData: + support: + admins: + - matrix_id: '@hostmaster:fabcity-hamburg.de' + email_address: 'hostmaster@fabcity-hamburg.de' + role: 'admin' + support_page: 'https://www.fabcity.hamburg/impressum/' diff --git a/base/cert-manager/letsencrypt.yaml b/base/cert-manager/letsencrypt.yaml index 21d44ee..25daa24 100644 --- a/base/cert-manager/letsencrypt.yaml +++ b/base/cert-manager/letsencrypt.yaml @@ -5,7 +5,7 @@ metadata: name: letsencrypt-http spec: acme: - email: hostmaster@example.org + email: hostmaster@fabcity-hamburg.de server: https://acme-v02.api.letsencrypt.org/directory privateKeySecretRef: name: letsencrypt-key @@ -20,7 +20,7 @@ metadata: name: letsencrypt-http-staging spec: acme: - email: hostmaster@example.org + email: hostmaster@fabcity-hamburg.de server: https://acme-staging-v02.api.letsencrypt.org/directory privateKeySecretRef: name: letsencrypt-key-staging diff --git a/overlays/prod/interfacer-core/ingress.yaml b/overlays/prod/interfacer-core/ingress.yaml index 89c6639..d4368e2 100644 --- a/overlays/prod/interfacer-core/ingress.yaml +++ b/overlays/prod/interfacer-core/ingress.yaml @@ -8,7 +8,7 @@ metadata: cert-manager.io/cluster-issuer: letsencrypt-http spec: rules: - - host: hub.example.org + - host: hub.k8s.dev.fabcity-hamburg.de http: paths: - path: / @@ -20,7 +20,7 @@ spec: name: http tls: - hosts: - - hub.example.org + - hub.k8s.dev.fabcity-hamburg.de secretName: interfacer-core-frontend-tls --- apiVersion: networking.k8s.io/v1 @@ -32,7 +32,7 @@ metadata: cert-manager.io/cluster-issuer: letsencrypt-http spec: rules: - - host: gateway.example.org + - host: gateway.k8s.dev.fabcity-hamburg.de http: paths: - path: / @@ -44,5 +44,5 @@ spec: name: http tls: - hosts: - - gateway.example.org + - gateway.k8s.dev.fabcity-hamburg.de secretName: interfacer-core-gateway-tls diff --git a/overlays/prod/interfacer-webpresence/ingress.yaml b/overlays/prod/interfacer-webpresence/ingress.yaml index 277f611..9f5dfaa 100644 --- a/overlays/prod/interfacer-webpresence/ingress.yaml +++ b/overlays/prod/interfacer-webpresence/ingress.yaml @@ -8,7 +8,7 @@ metadata: cert-manager.io/cluster-issuer: letsencrypt-http spec: rules: - - host: www.example.org + - host: www.k8s.dev.fabcity-hamburg.de http: paths: - path: / @@ -20,5 +20,5 @@ spec: name: http tls: - hosts: - - www.example.org + - www.k8s.dev.fabcity-hamburg.de secretName: interfacer-webpresence-tls diff --git a/overlays/prod/kustomization.yaml b/overlays/prod/kustomization.yaml index 1a97f93..5247517 100644 --- a/overlays/prod/kustomization.yaml +++ b/overlays/prod/kustomization.yaml @@ -4,3 +4,4 @@ resources: - ../../apps - interfacer-webpresence - interfacer-core + - synapse diff --git a/overlays/prod/synapse/ingress.yaml b/overlays/prod/synapse/ingress.yaml new file mode 100644 index 0000000..2d9378d --- /dev/null +++ b/overlays/prod/synapse/ingress.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: synapse + annotations: + kubernetes.io/ingress.class: nginx + cert-manager.io/cluster-issuer: letsencrypt-http +spec: + rules: + - host: matrix.k8s.dev.fabcity-hamburg.de + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: interfacer-synapse-matrix-synapse + port: + name: http + tls: + - hosts: + - matrix.k8s.dev.fabcity-hamburg.de + secretName: synapse-tls diff --git a/overlays/prod/synapse/kustomization.yaml b/overlays/prod/synapse/kustomization.yaml new file mode 100644 index 0000000..10557b8 --- /dev/null +++ b/overlays/prod/synapse/kustomization.yaml @@ -0,0 +1,4 @@ +--- +namespace: synapse +resources: + - ingress.yaml