diff --git a/manifests/_apps/matrix_chart.yaml b/manifests/_apps/matrix_chart.yaml deleted file mode 100644 index b074060..0000000 --- a/manifests/_apps/matrix_chart.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: cluster-fun-matrix - namespace: argocd - finalizers: - - resources-finalizer.argocd.argoproj.io -spec: - project: cluster.fun - destination: - namespace: chat - name: cluster-fun (v2) - source: - path: manifests/matrix_chart - repoURL: "https://git.cluster.fun/AverageMarcus/cluster.fun.git" - targetRevision: HEAD - syncPolicy: - syncOptions: - - CreateNamespace=true - automated: {} - ignoreDifferences: - - kind: Secret - jsonPointers: - - /data ---- diff --git a/manifests/matrix_chart/matrix_chart.yaml b/manifests/matrix_chart/matrix_chart.yaml deleted file mode 100644 index 9a9ef8d..0000000 --- a/manifests/matrix_chart/matrix_chart.yaml +++ /dev/null @@ -1,540 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: matrix - namespace: chat - annotations: - cert-manager.io/cluster-issuer: letsencrypt - nginx.ingress.kubernetes.io/force-ssl-redirect: "true" - nginx.ingress.kubernetes.io/proxy-body-size: "0" -spec: - ingressClassName: nginx - tls: - - hosts: - - matrix.cluster.fun - secretName: matrix-ingress - rules: - - host: matrix.cluster.fun - http: - paths: - - path: /.well-known/matrix - pathType: ImplementationSpecific - backend: - service: - name: well-known - port: - number: 80 - - path: / - pathType: ImplementationSpecific - backend: - service: - name: matrix-synapse - port: - number: 80 - ---- - -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: riot - namespace: chat - annotations: - cert-manager.io/cluster-issuer: letsencrypt - nginx.ingress.kubernetes.io/force-ssl-redirect: "true" - nginx.ingress.kubernetes.io/proxy-body-size: "0" -spec: - ingressClassName: nginx - tls: - - hosts: - - chat.cluster.fun - secretName: riot-ingress - rules: - - host: chat.cluster.fun - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: matrix-riot - port: - number: 80 - ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: well-known - namespace: chat - annotations: - configmap.reloader.stakater.com/reload: "well-known" -spec: - replicas: 1 - selector: - matchLabels: - app: well-known - template: - metadata: - labels: - app: well-known - spec: - containers: - - name: web - image: nginx - imagePullPolicy: IfNotPresent - ports: - - containerPort: 80 - name: web - volumeMounts: - - name: well-known - mountPath: /usr/share/nginx/html/.well-known/matrix - resources: - limits: - memory: 15Mi - requests: - memory: 15Mi - volumes: - - name: well-known - configMap: - name: well-known ---- -apiVersion: v1 -kind: Service -metadata: - name: well-known - namespace: chat -spec: - type: ClusterIP - ports: - - port: 80 - targetPort: 80 - name: web - selector: - app: well-known ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: well-known - namespace: chat -data: - server: |- - { - "m.server": "matrix.cluster.fun:443" - } - client: |- - { - "m.homeserver": { - "base_url": "https://matrix.cluster.fun" - }, - "org.matrix.msc3575.proxy": { - "url": "https://syncv3.matrix.cluster.fun" - } - } - - ---- - - -# Source: matrix/templates/riot/configmap.yaml -apiVersion: v1 -kind: ConfigMap -metadata: - name: matrix-riot-config - namespace: chat - labels: - app.kubernetes.io/name: "matrix" - component: element -data: - config.json: | - { - "default_server_config": { - "m.homeserver": { - "base_url": "https://matrix.cluster.fun" - } - }, - "brand": "Element", - "branding": {}, - "integrations_ui_url": "https://scalar.vector.im/", - "integrations_rest_url": "https://scalar.vector.im/api", - "integrations_widgets_urls": [ - "https://scalar.vector.im/_matrix/integrations/v1", - "https://scalar.vector.im/api", - "https://scalar-staging.vector.im/_matrix/integrations/v1", - "https://scalar-staging.vector.im/api", - "https://scalar-staging.riot.im/scalar/api" - ], - "showLabsSettings": true, - "features": { - "feature_pinning": true, - "feature_custom_status": "labs", - "feature_state_counters": "labs", - "feature_many_integration_managers": "labs", - "feature_mjolnir": "labs", - "feature_dm_verification": "labs", - "feature_bridge_state": "labs", - "feature_presence_in_room_list": true, - "feature_custom_themes": "labs", - "feature_new_spinner": "labs", - "feature_jump_to_date": "labs", - "feature_location_share_pin_drop": "labs", - "feature_location_share_live": "labs", - "feature_thread": true, - "feature_video_rooms": true, - "feature_favourite_messages": "labs" - }, - "roomDirectory": { - "servers": [] - }, - "permalinkPrefix": "https://chat.cluster.fun", - "enable_presence_by_hs_url": { - "https://matrix.org": false, - "https://matrix-client.matrix.org": false - }, - "map_style_url": "https://api.maptiler.com/maps/streets/style.json?key=2IerXP2a5g1e7hxxBbzs" - } - nginx.conf: | - worker_processes auto; - - error_log /var/log/nginx/error.log warn; - pid /var/run/pid/nginx.pid; - - events { - worker_connections 1024; - } - - http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/nginx/access.log main; - - sendfile on; - - keepalive_timeout 65; - - include /etc/nginx/conf.d/*.conf; - } - default.conf: | - server { - listen 8080; - server_name localhost; - - location / { - root /usr/share/nginx/html; - index index.html index.htm; - } - - # redirect server error pages to the static page /50x.html - # - error_page 500 502 503 504 /50x.html; - location = /50x.html { - root /usr/share/nginx/html; - } - } ---- -apiVersion: v1 -kind: Secret -metadata: - name: matrix-synapse-config - namespace: chat - annotations: - kube-1password: wbj4oozwyx6m2zz5m42pgcmymy - kube-1password/vault: Kubernetes - kube-1password/secret-text-key: homeserver.yaml - labels: - app.kubernetes.io/name: "matrix" - component: synapse -type: Opaque ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: matrix-synapse-config - namespace: chat - labels: - app.kubernetes.io/name: "matrix" - component: element -data: - matrix.cluster.fun.log.config: | - version: 1 - - formatters: - precise: - format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s' - - filters: - context: - (): synapse.util.logcontext.LoggingContextFilter - request: "" - - handlers: - console: - class: logging.StreamHandler - formatter: precise - filters: [context] - - loggers: - synapse: - level: WARNING - synapse.storage.SQL: - # beware: increasing this to DEBUG will make synapse log sensitive - # information such as access tokens. - level: WARNING - - root: - level: WARNING - handlers: [console] ---- -# Source: matrix/templates/riot/service.yaml -apiVersion: v1 -kind: Service -metadata: - name: matrix-riot - namespace: chat - labels: - app.kubernetes.io/name: "matrix" - component: element -spec: - type: ClusterIP - ports: - - port: 80 - targetPort: http - protocol: TCP - name: http - selector: - app.kubernetes.io/name: matrix-riot ---- -# Source: matrix/templates/synapse/service.yaml -apiVersion: v1 -kind: Service -metadata: - name: matrix-synapse - namespace: chat - labels: - app.kubernetes.io/name: "matrix" - component: synapse - annotations: - prometheus.io/scrape: "true" - prometheus.io/path: "/_synapse/metrics" - prometheus.io/port: "9000" -spec: - type: ClusterIP - ports: - - port: 80 - targetPort: http - protocol: TCP - name: http - - port: 9000 - targetPort: metrics - protocol: TCP - name: metrics - selector: - app.kubernetes.io/name: matrix-synapse ---- -# Source: matrix/templates/riot/deployment.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: matrix-riot - namespace: chat - labels: - app.kubernetes.io/name: "matrix" - component: element -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: matrix-riot - template: - metadata: - labels: - app.kubernetes.io/name: matrix-riot - spec: - securityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 - containers: - - name: "riot" - image: "vectorim/element-web:v1.11.110" - imagePullPolicy: IfNotPresent - ports: - - name: http - containerPort: 8080 - protocol: TCP - volumeMounts: - - mountPath: /app/config.json - name: riot-config - subPath: config.json - readOnly: true - - mountPath: /etc/nginx/nginx.conf - name: riot-config - subPath: nginx.conf - readOnly: true - - mountPath: /etc/nginx/conf.d/default.conf - name: riot-config - subPath: default.conf - readOnly: true - - mountPath: /var/cache/nginx - name: ephemeral - subPath: cache - - mountPath: /var/run/pid - name: ephemeral - subPath: pid - - mountPath: /tmp - name: tmp - readinessProbe: - httpGet: - path: / - port: http - startupProbe: - httpGet: - path: / - port: http - livenessProbe: - httpGet: - path: / - port: http - securityContext: - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - volumes: - - name: riot-config - configMap: - name: matrix-riot-config - - name: ephemeral - emptyDir: {} - - name: tmp - emptyDir: {} ---- -# Source: matrix/templates/synapse/deployment.yaml -apiVersion: apps/v1 -kind: Deployment -metadata: - name: matrix-synapse - namespace: chat - labels: - app.kubernetes.io/name: "matrix" - component: synapse -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: matrix-synapse - strategy: - type: Recreate - template: - metadata: - labels: - app.kubernetes.io/name: matrix-synapse - spec: - securityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 - initContainers: - - name: generate-signing-key - image: "ghcr.io/element-hq/synapse:v1.137.0" - imagePullPolicy: IfNotPresent - env: - - name: SYNAPSE_SERVER_NAME - value: matrix.cluster.fun - - name: SYNAPSE_REPORT_STATS - value: "no" - command: ["python"] - args: - - "-m" - - "synapse.app.homeserver" - - "--config-path" - - "/data/homeserver.yaml" - - "--keys-directory" - - "/data/keys" - - "--generate-keys" - volumeMounts: - - name: synapse-config-homeserver - mountPath: /data/homeserver.yaml - subPath: homeserver.yaml - - name: synapse-config-logging - mountPath: /data/matrix.cluster.fun.log.config - subPath: matrix.cluster.fun.log.config - - name: signing-key - mountPath: /data/keys - containers: - - name: "synapse" - image: "ghcr.io/element-hq/synapse:v1.137.0" - imagePullPolicy: IfNotPresent - ports: - - name: http - containerPort: 8008 - protocol: TCP - - name: metrics - containerPort: 9000 - protocol: TCP - volumeMounts: - - name: synapse-config-homeserver - mountPath: /data/homeserver.yaml - subPath: homeserver.yaml - - name: synapse-config-logging - mountPath: /data/matrix.cluster.fun.log.config - subPath: matrix.cluster.fun.log.config - - name: signing-key - mountPath: /data/keys - - name: user-media - mountPath: /data/media_store - - name: uploads - mountPath: /data/uploads - - name: tmp - mountPath: /tmp - readinessProbe: - httpGet: - path: /_matrix/static/ - port: http - periodSeconds: 10 - timeoutSeconds: 5 - startupProbe: - httpGet: - path: /_matrix/static/ - port: http - failureThreshold: 6 - periodSeconds: 5 - timeoutSeconds: 5 - livenessProbe: - httpGet: - path: /_matrix/static/ - port: http - periodSeconds: 10 - timeoutSeconds: 5 - securityContext: - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - allowPrivilegeEscalation: false - volumes: - - name: synapse-config-logging - configMap: - name: matrix-synapse-config - - name: synapse-config-homeserver - secret: - secretName: matrix-synapse-config - - name: signing-key - persistentVolumeClaim: - claimName: chat-matrix-signing-key - - name: user-media - persistentVolumeClaim: - claimName: chat-matrix-user-media - - name: uploads - emptyDir: {} - - name: tmp - emptyDir: {} ---- diff --git a/manifests/matrix_chart/pvs.yaml b/manifests/matrix_chart/pvs.yaml deleted file mode 100644 index faf5709..0000000 --- a/manifests/matrix_chart/pvs.yaml +++ /dev/null @@ -1,32 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: chat-matrix-user-media - namespace: chat - labels: - app.kubernetes.io/name: "matrix" - component: synapse -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 12Gi - storageClassName: sbs-default-retain ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: chat-matrix-signing-key - namespace: chat - labels: - app.kubernetes.io/name: "matrix" - component: synapse -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - storageClassName: sbs-default-retain ---- diff --git a/manifests/matrix_chart/sliding-sync.yaml b/manifests/matrix_chart/sliding-sync.yaml deleted file mode 100644 index 2f388c2..0000000 --- a/manifests/matrix_chart/sliding-sync.yaml +++ /dev/null @@ -1,119 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: matrix-sliding-sync - namespace: chat - annotations: - kube-1password: 7kvyfcszfaavj2d7uvl4troagm - kube-1password/vault: Kubernetes - kube-1password/secret-text-parse: "true" - labels: - app.kubernetes.io/name: "matrix" - component: sliding-sync -type: Opaque ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: sliding-sync - namespace: chat - labels: - app.kubernetes.io/name: "matrix" - component: sliding-sync -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/name: sliding-sync - template: - metadata: - labels: - app.kubernetes.io/name: sliding-sync - spec: - securityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 - containers: - - name: "sliding-sync" - image: "ghcr.io/matrix-org/sliding-sync:v0.99.19" - imagePullPolicy: IfNotPresent - ports: - - name: http - containerPort: 8008 - protocol: TCP - - name: metrics - containerPort: 9090 - protocol: TCP - env: - - name: SYNCV3_SERVER - value: https://matrix.cluster.fun - - name: SYNCV3_BINDADDR - value: ":8008" - - name: SYNCV3_PROM - value: ":9090" - - name: SYNCV3_SECRET - valueFrom: - secretKeyRef: - name: matrix-sliding-sync - key: SYNCV3_SECRET - - name: SYNCV3_DB - valueFrom: - secretKeyRef: - name: matrix-sliding-sync - key: SYNCV3_DB ---- -apiVersion: v1 -kind: Service -metadata: - name: sliding-sync - namespace: chat - labels: - app.kubernetes.io/name: "matrix" - component: sliding-sync - annotations: - prometheus.io/scrape: "true" - prometheus.io/port: "9090" -spec: - type: ClusterIP - ports: - - port: 80 - targetPort: http - name: web - - port: 9090 - targetPort: metrics - protocol: TCP - name: metrics - selector: - app.kubernetes.io/name: sliding-sync ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: sliding-sync - namespace: chat - labels: - app.kubernetes.io/name: "matrix" - component: sliding-sync - annotations: - cert-manager.io/cluster-issuer: letsencrypt - nginx.ingress.kubernetes.io/force-ssl-redirect: "true" - nginx.ingress.kubernetes.io/proxy-body-size: "0" -spec: - ingressClassName: nginx - tls: - - hosts: - - syncv3.matrix.cluster.fun - secretName: sliding-sync-ingress - rules: - - host: syncv3.matrix.cluster.fun - http: - paths: - - path: / - pathType: ImplementationSpecific - backend: - service: - name: sliding-sync - port: - number: 80 ----