forked from public/stack
k/matrix: initial commit
This commit is contained in:
parent
f5495de7c0
commit
9b012b72da
|
@ -0,0 +1,121 @@
|
|||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: matrix
|
||||
labels:
|
||||
app.kubernetes.io/name: matrix
|
||||
app.kubernetes.io/part-of: matrix
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
nginx.ingress.kubernetes.io/cors-allow-origin: https://chat.distrust.co,https:app.matrix.org
|
||||
nginx.ingress.kubernetes.io/enable-cors: "true"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: 110m
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- matrix.distrust.co
|
||||
secretName: matrix-distrust-co-tls
|
||||
- hosts:
|
||||
- matrix-fed.distrust.co
|
||||
secretName: matrix-fed-distrust-co-tls
|
||||
rules:
|
||||
- host: matrix.distrust.co
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: synapse
|
||||
port:
|
||||
name: http
|
||||
- host: matrix-fed.distrust.co
|
||||
http:
|
||||
paths:
|
||||
- path: /_matrix/
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: synapse
|
||||
port:
|
||||
name: http
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: matrix-media-repo
|
||||
labels:
|
||||
app.kubernetes.io/name: matrix
|
||||
app.kubernetes.io/part-of: matrix
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
nginx.ingress.kubernetes.io/cors-allow-origin: https://chat.distrust.co,https:app.matrix.org
|
||||
nginx.ingress.kubernetes.io/enable-cors: "true"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: 110m
|
||||
# This combination of configurations allows for the media-repo to function
|
||||
# properly
|
||||
nginx.ingress.kubernetes.io/upstream-vhost: distrust.co
|
||||
nginx.ingress.kubernetes.io/configuration-snippet: |
|
||||
more_set_input_headers 'Host: distrust.co';
|
||||
more_set_input_headers 'X-Forwarded-Host: distrust.co';
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- matrix.distrust.co
|
||||
secretName: matrix-distrust-co-tls
|
||||
rules:
|
||||
- host: matrix.distrust.co
|
||||
http:
|
||||
paths:
|
||||
- path: /_matrix/media/
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: media-repo
|
||||
port:
|
||||
name: http
|
||||
- host: matrix-fed.distrust.co
|
||||
http:
|
||||
paths:
|
||||
- path: /_matrix/
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: synapse
|
||||
port:
|
||||
name: http
|
||||
---
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: element-web
|
||||
labels:
|
||||
app.kubernetes.io/name: element-web
|
||||
app.kubernetes.io/part-of: matrix
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt
|
||||
nginx.ingress.kubernetes.io/configuration-snippet: |
|
||||
add_header X-Frame-Options SAMEORIGIN;
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header Content-Security-Policy "frame-ancestors 'self'";
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
tls:
|
||||
- hosts:
|
||||
- chat.distrust.co
|
||||
secretName: element-distrust-co-tls
|
||||
rules:
|
||||
- host: chat.distrust.co
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: element-web
|
||||
port:
|
||||
name: http
|
||||
|
|
@ -0,0 +1,18 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
namespace: matrix
|
||||
resources:
|
||||
- synapse
|
||||
- coturn
|
||||
- element
|
||||
- matrix-media-repo
|
||||
- bridges/matrix-appservice-slack
|
||||
- bridges/mautrix-telegram
|
||||
- ingress.yaml
|
||||
images:
|
||||
- name: matrixdotdog/synapse
|
||||
newTag: v1.98.0@sha256:8d962e48a1d88d2fb646c82b1babf4dd0ed765b21a4cf15600d77e90e46dc413
|
||||
- name: coturn/coturn
|
||||
newTag: 4.6.2@sha256:9a5d44d1aebf28f1a96de4595bbab3eadc1ebd6bda705ca040df907f353f9fb2
|
||||
- name: dock.mau.dev/mautrix/slack
|
||||
newTag: 4530ff397d08d93b673cd71da4c2a75d969ca0df-amd64@sha256:7db11f874c655dd8be77a75fb07bd6071cc0d7e92bc564e1397f5b2e0e1883c7
|
Loading…
Reference in New Issue