Compare commits
2 commits
89e052db1a
...
6037e4adb6
| Author | SHA1 | Date | |
|---|---|---|---|
|
6037e4adb6 | ||
|
|
1bbf689821 |
7 changed files with 89 additions and 6 deletions
|
|
@ -12,8 +12,6 @@ server {
|
|||
# also turn off last-modified since they are just the timestamps of the file in the docker image
|
||||
# and may or may not bear any resemblance to when the resource changed
|
||||
add_header Last-Modified "";
|
||||
|
||||
try_files $uri /$uri /index.html;
|
||||
}
|
||||
|
||||
# assets can be cached because they have hashed filenames
|
||||
|
|
@ -23,3 +21,31 @@ server {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
server {
|
||||
listen 8443 ssl;
|
||||
server_name mx22.local;
|
||||
root /app;
|
||||
|
||||
location / {
|
||||
# disable cache entriely by default (apart from Etag which is accurate enough)
|
||||
add_header Cache-Control 'private no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
|
||||
if_modified_since off;
|
||||
expires off;
|
||||
# also turn off last-modified since they are just the timestamps of the file in the docker image
|
||||
# and may or may not bear any resemblance to when the resource changed
|
||||
add_header Last-Modified "";
|
||||
}
|
||||
|
||||
# assets can be cached because they have hashed filenames
|
||||
location /assets {
|
||||
expires 1w;
|
||||
add_header Cache-Control "public, no-transform";
|
||||
}
|
||||
|
||||
ssl_certificate "/etc/ssl/certs/element-call.crt";
|
||||
ssl_certificate_key "/etc/ssl/private/element-call.key";
|
||||
ssl_session_cache shared:SSL:1m;
|
||||
ssl_session_timeout 10m;
|
||||
ssl_prefer_server_ciphers on;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,4 +21,4 @@ version: 0.1.0
|
|||
# incremented each time you make changes to the application. Versions are not expected to
|
||||
# follow Semantic Versioning. They should reflect the version the application is using.
|
||||
# It is recommended to use it with quotes.
|
||||
appVersion: "1.16.0"
|
||||
appVersion: v0.3.13
|
||||
|
|
|
|||
1
helm-chart/files/nginx.conf
Symbolic link
1
helm-chart/files/nginx.conf
Symbolic link
|
|
@ -0,0 +1 @@
|
|||
../../config/nginx.conf
|
||||
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
|
|
@ -6,3 +7,31 @@ metadata:
|
|||
data:
|
||||
{{ .Values.config.fileName }}: |
|
||||
{{ .Values.config.data | toPrettyJson | quote }}
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: nginx-config
|
||||
namespace: default
|
||||
data:
|
||||
default.conf: {{ .Files.Get "files/nginx.conf" | quote }}
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: ssl-cert
|
||||
namespace: default
|
||||
data:
|
||||
element-call.crt: {{ .Files.Get "certs/element-call.crt" | quote }}
|
||||
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: ssl-key
|
||||
namespace: default
|
||||
data:
|
||||
element-call.key: {{ .Files.Get "certs/element-call.key" | quote }}
|
||||
|
|
|
|||
|
|
@ -37,6 +37,9 @@ spec:
|
|||
- name: http
|
||||
containerPort: {{ .Values.service.port }}
|
||||
protocol: TCP
|
||||
- name: https
|
||||
containerPort: {{ .Values.service.port_https }}
|
||||
protocol: TCP
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /
|
||||
|
|
@ -51,10 +54,25 @@ spec:
|
|||
- name: config-volume
|
||||
mountPath: "{{ .Values.config.path }}"
|
||||
subPath: "{{ .Values.config.fileName }}"
|
||||
- name: nginx-volume
|
||||
mountPath: "{{ .Values.nginx_config.path }}"
|
||||
- name: ssl-cert-volume
|
||||
mountPath: "/etc/ssl/certs/"
|
||||
- name: ssl-key-volume
|
||||
mountPath: "/etc/ssl/private/"
|
||||
volumes:
|
||||
- name: config-volume
|
||||
configMap:
|
||||
name: app-config
|
||||
- name: nginx-volume
|
||||
configMap:
|
||||
name: nginx-config
|
||||
- name: ssl-cert-volume
|
||||
configMap:
|
||||
name: ssl-cert
|
||||
- name: ssl-key-volume
|
||||
configMap:
|
||||
name: ssl-key
|
||||
{{- with .Values.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
|
|
|
|||
|
|
@ -11,5 +11,9 @@ spec:
|
|||
targetPort: http
|
||||
protocol: TCP
|
||||
name: http
|
||||
- port: {{ .Values.service.port_https }}
|
||||
targetPort: {{ .Values.service.port_https }}
|
||||
protocol: TCP
|
||||
name: element-https
|
||||
selector:
|
||||
{{- include "element-call.selectorLabels" . | nindent 4 }}
|
||||
|
|
|
|||
|
|
@ -5,10 +5,10 @@
|
|||
replicaCount: 1
|
||||
|
||||
image:
|
||||
repository: element-call_call
|
||||
pullPolicy: Never
|
||||
repository: ghcr.io/vector-im/element-call
|
||||
pullPolicy: IfNotPresent
|
||||
# Overrides the image tag whose default is the chart appVersion.
|
||||
tag: ""
|
||||
# tag: ""
|
||||
|
||||
imagePullSecrets: []
|
||||
nameOverride: ""
|
||||
|
|
@ -41,6 +41,7 @@ service:
|
|||
port: 8080
|
||||
targetPort: 8080
|
||||
nodePort: 30070
|
||||
port_https: 8443
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
|
|
@ -87,3 +88,7 @@ config:
|
|||
"feature_group_calls_without_video_and_audio": true
|
||||
}
|
||||
}
|
||||
|
||||
nginx_config:
|
||||
path: /etc/nginx/conf.d
|
||||
fileName: default.conf
|
||||
|
|
|
|||
Loading…
Reference in a new issue