fkf9
/
ungleich-k8s
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

matrix before refactor big

This commit is contained in:
Nico Schottelius 2021-07-17 22:07:30 +02:00
parent 9bc8f81c93
commit f70d5a8291
1 changed files with 64 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

109
apps/matrix/templates/deployment.yaml
View File

@ -15,15 +15,15 @@ spec:
use-as-service: {{ .Release.Name }}
spec:
initContainers:
- name: wait-for-cert
image: busybox
command:
- sh
- -c
- until ls /etc/letsencrypt/live/{{ tpl .Values.fqdn . }}/fullchain.pem; do sleep 2; done
volumeMounts:
- name: etcletsencrypt
mountPath: "/etc/letsencrypt"
# - name: wait-for-cert
# image: busybox
# command:
# - sh
# - -c
# - until ls /etc/letsencrypt/live/{{ tpl .Values.fqdn . }}/fullchain.pem; do sleep 2; done
# volumeMounts:
# - name: etcletsencrypt
# mountPath: "/etc/letsencrypt"
- name: generate-matrix-signing-key
image: ungleich/ungleich-matrix-synapse:{{ .Values.synapseVersion }}
command:
@ -41,6 +41,22 @@ spec:
- name: matrix-config
mountPath: "/baseconfig"
containers:
- name: certbot
image: ungleich/ungleich-certbot
ports:
- containerPort: 80
env:
- name: DOMAIN
value: "{{ tpl .Values.fqdn . }}"
- name: EMAIL
value: "{{ .Values.email }}"
{{ if eq .Values.letsencryptStaging "no" }}
- name: STAGING
value: "no"
{{ end }}
volumeMounts:
- name: etcletsencrypt
mountPath: "/etc/letsencrypt"
# This container will only start *after* the cert has been placed
- name: debug
image: alpine:latest
@ -108,6 +124,9 @@ spec:
- name: postgres-data
persistentVolumeClaim:
claimName: {{ tpl .Values.identifier . }}-postgres-data
- name: postgres-vars
secret:
secretName: {{ tpl .Values.identifier . }}-postgres-config
- name: nginx-config
configMap:
name: {{ tpl .Values.identifier . }}-nginx-config
@ -191,41 +210,41 @@ spec:
storage: 500Mi
storageClassName: rook-ceph-block
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ tpl .Values.identifier . }}-getcert
spec:
template:
metadata:
labels:
app: certbot-letsencrypt-getcert
use-as-service: {{ .Release.Name }}
spec:
restartPolicy: Never
containers:
- name: certbot
image: ungleich/ungleich-certbot
ports:
- containerPort: 80
env:
- name: DOMAIN
value: "{{ tpl .Values.fqdn . }}"
- name: EMAIL
value: "{{ .Values.email }}"
{{ if eq .Values.letsencryptStaging "no" }}
- name: STAGING
value: "no"
{{ end }}
volumeMounts:
- name: etcletsencrypt
mountPath: "/etc/letsencrypt"
volumes:
- name: etcletsencrypt
persistentVolumeClaim:
claimName: {{ tpl .Values.identifier . }}-letsencrypt-certs
backoffLimit: 3
---
# apiVersion: batch/v1
# kind: Job
# metadata:
# name: {{ tpl .Values.identifier . }}-getcert
# spec:
# template:
# metadata:
# labels:
# app: certbot-letsencrypt-getcert
# use-as-service: {{ .Release.Name }}
# spec:
# restartPolicy: Never
# containers:
# - name: certbot
# image: ungleich/ungleich-certbot
# ports:
# - containerPort: 80
# env:
# - name: DOMAIN
# value: "{{ tpl .Values.fqdn . }}"
# - name: EMAIL
# value: "{{ .Values.email }}"
# {{ if eq .Values.letsencryptStaging "no" }}
# - name: STAGING
# value: "no"
# {{ end }}
# volumeMounts:
# - name: etcletsencrypt
# mountPath: "/etc/letsencrypt"
# volumes:
# - name: etcletsencrypt
# persistentVolumeClaim:
# claimName: {{ tpl .Values.identifier . }}-letsencrypt-certs
# backoffLimit: 3
#---
apiVersion: v1
kind: ConfigMap
metadata:
@ -258,7 +277,7 @@ metadata:
name: {{ tpl .Values.identifier . }}-postgres-config
annotations:
secret-generator.v1.mittwald.de/autogenerate: POSTGRES_PASSWORD
stringdata:
stringData:
POSTGRES_USER: "matrix-synapse"
POSTGRES_DB: "matrix-synapse"
POSTGRES_HOST: "localhost"