infra/homelab/conduit.nix
Gabriel Simmer 9439acf4d1
format with alejandra style
2024-02-05 13:13:44 +00:00

112 lines
3 KiB
Nix

let
# Used below as the pod "app" label and selector value, and as the name of the
# ConfigMap, the Ingress and the Service that the Ingress routes to.
appName = "conduwuit";
# Container image reference used by the StatefulSet.
# NOTE(review): ":latest" is a mutable tag, so the code that actually runs is
# decided by the registry at pull time rather than by this file. Pinning to a
# version tag or an image digest would make each deploy reviewable and
# reproducible.
conduwuit-Image = "git.gmem.ca/arch/conduwuit:latest";
in
{...}: {
# Service in front of the homeserver pods: it selects them by the "app" label
# and exposes the HTTP listener under the port name "http" (the name the
# Ingress backend refers to).
kubernetes.resources.services.conduwuit.spec = {
  selector = {app = appName;};
  ports.http = rec {
    # Same number on both sides: the Service port and the pod port it
    # forwards to.
    port = 6167;
    targetPort = port;
  };
};
# StatefulSet running the homeserver container, with one claimed data volume
# and the config file mounted from the ConfigMap named by appName.
# NOTE(review): no securityContext, resource requests/limits or probes are set
# in this block; confirm that the defaults or cluster-level policy that apply
# instead are what is intended for an internet-facing service.
kubernetes.resources.statefulSets.conduwuit.spec = let
  listenPort = 6167;
  # Single source for the config file location: used both as the mount target
  # and as the value handed to the server through CONDUIT_CONFIG.
  configPath = "/etc/matrix-conduit/conduit.toml";
in {
  serviceName = appName;
  selector.matchLabels = {app = appName;};
  template.metadata.labels = {app = appName;};
  template.spec = {
    volumes.config.configMap.name = appName;
    containers.conduwuit = {
      # With imagePullPolicy "Always" the image reference is re-resolved
      # against the registry on every pod start, so a mutable tag in
      # conduwuit-Image can change the running code without any change here.
      image = conduwuit-Image;
      imagePullPolicy = "Always";
      ports.http.containerPort = listenPort;
      env.CONDUIT_CONFIG.value = configPath;
      volumeMounts = [
        {
          # Backed by the "data" volumeClaimTemplate below; the mounted config
          # names this directory as the server's only data location.
          name = "data";
          mountPath = "/var/lib/matrix-conduit";
        }
        {
          # subPath mounts just the one key of the ConfigMap as a file.
          name = "config";
          mountPath = configPath;
          subPath = "conduit.toml";
        }
      ];
    };
  };
  volumeClaimTemplates = [
    {
      metadata.name = "data";
      spec = {
        # NOTE(review): presumably NFS-backed, judging by the class name. All
        # homeserver data would then live on that export, so confirm who can
        # reach it.
        storageClassName = "nfs-client";
        accessModes = ["ReadWriteOnce"];
        resources.requests.storage = "5Gi";
      };
    }
  ];
};
# Ingress publishing the homeserver over TLS on a single hostname and sending
# every path to the Service's "http" port.
kubernetes.resources.ingresses.conduwuit = let
  publicHost = "chat.gmem.ca";
in {
  metadata.name = appName;
  # NOTE(review): this annotation asks cert-manager to manage the certificate
  # stored in the TLS secret named below. That secret's name suggests a
  # wildcard certificate that may be shared with other Ingresses; confirm that
  # issuing for the single host listed here does not overwrite or conflict
  # with it.
  metadata.annotations."cert-manager.io/issuer" = "le-issuer";
  spec.tls = [
    {
      hosts = [publicHost];
      secretName = "gmem-ca-wildcard";
    }
  ];
  spec.rules = [
    {
      host = publicHost;
      # Prefix match on "/" forwards the whole URL space of this host to the
      # homeserver.
      http.paths = [
        {
          path = "/";
          pathType = "Prefix";
          backend.service.name = appName;
          backend.service.port.name = "http";
        }
      ];
    }
  ];
};
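# ConfigMap holding the homeserver's conduit.toml, which the StatefulSet mounts
# as a single file.
#
# The original carried a "cert-manager.io/issuer" annotation copied from the
# Ingress. cert-manager acts on that annotation for Ingress-type resources,
# not ConfigMaps, so it is dropped here to avoid implying that this object
# takes part in certificate issuance.
#
# Settings worth a reviewer's attention (the file content is unchanged):
#  - server_name is "gmem.ca" while the Ingress host is chat.gmem.ca, so
#    clients and federating servers presumably reach this deployment through
#    delegation served elsewhere (confirm).
#  - address "0.0.0.0" makes the server listen on every interface inside the
#    pod; what can actually reach port 6167 is then decided by the Service,
#    the Ingress and any network policy.
#  - allow_federation is on and trusted_servers lists matrix.org, i.e. that
#    server is relied on when gathering other servers' signing keys.
#  - max_request_size caps a single request body at 20 MB.
#  - No registration setting appears, so the server's built-in default
#    applies (confirm it matches intent for a public, federating host).
kubernetes.resources.configMaps.conduwuit = {
  metadata.name = appName;
  data."conduit.toml" = ''
    [global]
    # The Conduit server needs all /_matrix/ requests to be reachable at
    # https://your.server.name/ on port 443 (client-server) and 8448 (federation).
    server_name = "gmem.ca"
    # This is the only directory where Conduit will save its data
    database_path = "/var/lib/matrix-conduit/"
    database_backend = "rocksdb"
    port = 6167
    max_request_size = 20_000_000 # in bytes
    allow_federation = true
    allow_check_for_updates = false
    trusted_servers = ["matrix.org"]
    address = "0.0.0.0"
  '';
};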
}