112 lines
3 KiB
Nix
112 lines
3 KiB
Nix
let
|
|
appName = "conduwuit";
|
|
conduwuit-Image = "git.gmem.ca/arch/conduwuit:latest";
|
|
in
|
|
{...}: {
|
|
kubernetes.resources.services.conduwuit = {
|
|
spec = {
|
|
selector.app = appName;
|
|
ports.http = {
|
|
port = 6167;
|
|
targetPort = 6167;
|
|
};
|
|
};
|
|
};
|
|
kubernetes.resources.statefulSets.conduwuit.spec = {
|
|
selector.matchLabels.app = appName;
|
|
serviceName = appName;
|
|
template = {
|
|
metadata.labels.app = appName;
|
|
spec = {
|
|
volumes = {
|
|
config.configMap.name = appName;
|
|
};
|
|
containers = {
|
|
conduwuit = {
|
|
image = conduwuit-Image;
|
|
imagePullPolicy = "Always";
|
|
ports.http.containerPort = 6167;
|
|
volumeMounts = [
|
|
{
|
|
name = "data";
|
|
mountPath = "/var/lib/matrix-conduit";
|
|
}
|
|
{
|
|
name = "config";
|
|
mountPath = "/etc/matrix-conduit/conduit.toml";
|
|
subPath = "conduit.toml";
|
|
}
|
|
];
|
|
env.CONDUIT_CONFIG.value = "/etc/matrix-conduit/conduit.toml";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
volumeClaimTemplates = [
|
|
{
|
|
metadata.name = "data";
|
|
spec = {
|
|
storageClassName = "nfs-client";
|
|
accessModes = ["ReadWriteOnce"];
|
|
resources.requests.storage = "5Gi";
|
|
};
|
|
}
|
|
];
|
|
};
|
|
kubernetes.resources.ingresses.conduwuit = {
|
|
metadata = {
|
|
name = appName;
|
|
annotations = {
|
|
"cert-manager.io/issuer" = "le-issuer";
|
|
};
|
|
};
|
|
spec = {
|
|
tls = [
|
|
{
|
|
hosts = ["chat.gmem.ca"];
|
|
secretName = "gmem-ca-wildcard";
|
|
}
|
|
];
|
|
rules = [
|
|
{
|
|
host = "chat.gmem.ca";
|
|
http.paths = [
|
|
{
|
|
path = "/";
|
|
pathType = "Prefix";
|
|
backend.service = {
|
|
name = appName;
|
|
port.name = "http";
|
|
};
|
|
}
|
|
];
|
|
}
|
|
];
|
|
};
|
|
};
|
|
kubernetes.resources.configMaps.conduwuit = {
|
|
metadata = {
|
|
name = appName;
|
|
annotations = {
|
|
"cert-manager.io/issuer" = "le-issuer";
|
|
};
|
|
};
|
|
data."conduit.toml" = ''
|
|
[global]
|
|
# The Conduit server needs all /_matrix/ requests to be reachable at
|
|
# https://your.server.name/ on port 443 (client-server) and 8448 (federation).
|
|
server_name = "gmem.ca"
|
|
|
|
# This is the only directory where Conduit will save its data
|
|
database_path = "/var/lib/matrix-conduit/"
|
|
database_backend = "rocksdb"
|
|
port = 6167
|
|
max_request_size = 20_000_000 # in bytes
|
|
allow_federation = true
|
|
allow_check_for_updates = false
|
|
trusted_servers = ["matrix.org"]
|
|
address = "0.0.0.0"
|
|
'';
|
|
};
|
|
}
|