let appName = "conduwuit"; conduwuit-Image = "git.gmem.ca/arch/conduwuit:latest"; in {...}: { kubernetes.resources.services.conduwuit = { spec = { selector.app = appName; ports.http = { port = 6167; targetPort = 6167; }; }; }; kubernetes.resources.statefulSets.conduwuit.spec = { selector.matchLabels.app = appName; serviceName = appName; template = { metadata.labels.app = appName; spec = { volumes = { config.configMap.name = appName; }; containers = { conduwuit = { image = conduwuit-Image; imagePullPolicy = "Always"; ports.http.containerPort = 6167; volumeMounts = [ { name = "data"; mountPath = "/var/lib/matrix-conduit"; } { name = "config"; mountPath = "/etc/matrix-conduit/conduit.toml"; subPath = "conduit.toml"; } ]; env.CONDUIT_CONFIG.value = "/etc/matrix-conduit/conduit.toml"; }; }; }; }; volumeClaimTemplates = [ { metadata.name = "data"; spec = { storageClassName = "nfs-client"; accessModes = ["ReadWriteOnce"]; resources.requests.storage = "5Gi"; }; } ]; }; kubernetes.resources.ingresses.conduwuit = { metadata = { name = appName; annotations = { "cert-manager.io/issuer" = "le-issuer"; }; }; spec = { tls = [ { hosts = ["chat.gmem.ca"]; secretName = "gmem-ca-wildcard"; } ]; rules = [ { host = "chat.gmem.ca"; http.paths = [ { path = "/"; pathType = "Prefix"; backend.service = { name = appName; port.name = "http"; }; } ]; } ]; }; }; kubernetes.resources.configMaps.conduwuit = { metadata = { name = appName; annotations = { "cert-manager.io/issuer" = "le-issuer"; }; }; data."conduit.toml" = '' [global] # The Conduit server needs all /_matrix/ requests to be reachable at # https://your.server.name/ on port 443 (client-server) and 8448 (federation). server_name = "gmem.ca" # This is the only directory where Conduit will save its data database_path = "/var/lib/matrix-conduit/" database_backend = "rocksdb" port = 6167 max_request_size = 20_000_000 # in bytes allow_federation = true allow_check_for_updates = false trusted_servers = ["matrix.org"] address = "0.0.0.0" ''; }; }