diff --git a/element/kustomization.yaml b/element/kustomization.yaml new file mode 100644 index 0000000..4ae436c --- /dev/null +++ b/element/kustomization.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - main.yaml \ No newline at end of file diff --git a/element/main.yaml b/element/main.yaml new file mode 100644 index 0000000..0b48cc0 --- /dev/null +++ b/element/main.yaml @@ -0,0 +1,165 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app.kubernetes.io/instance: element + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: element-web + app.kubernetes.io/version: 1.11.110 + helm.sh/chart: element-web-1.4.18 + name: element-element-web +--- +apiVersion: v1 +data: + config.json: | + {"default_server_config":{"m.homeserver":{"base_url":"https://synapse.borninpain.de","server_name":"BornInPain"},"m.identity_server":{"base_url":"https://vector.im"}}} +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: element + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: element-web + app.kubernetes.io/version: 1.11.110 + helm.sh/chart: element-web-1.4.18 + name: element-element-web +--- +apiVersion: v1 +data: + default.conf: | + server { + listen 8080; + listen [::]:8080; + server_name localhost; + + root /usr/share/nginx/html; + index index.html; + + add_header X-Frame-Options SAMEORIGIN; + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + add_header Content-Security-Policy "frame-ancestors 'self'"; + + # Set no-cache for the index.html only so that browsers always check for a new copy of Element Web. + location = /index.html { + add_header Cache-Control "no-cache"; + } + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + } +kind: ConfigMap +metadata: + labels: + app.kubernetes.io/instance: element + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: element-web + app.kubernetes.io/version: 1.11.110 + helm.sh/chart: element-web-1.4.18 + name: element-element-web-nginx +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app.kubernetes.io/instance: element + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: element-web + app.kubernetes.io/version: 1.11.110 + helm.sh/chart: element-web-1.4.18 + name: element-element-web +spec: + ports: + - name: http + port: 80 + protocol: TCP + targetPort: http + selector: + app.kubernetes.io/instance: element + app.kubernetes.io/name: element-web + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app.kubernetes.io/instance: element + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: element-web + app.kubernetes.io/version: 1.11.110 + helm.sh/chart: element-web-1.4.18 + name: element-element-web +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: element + app.kubernetes.io/name: element-web + template: + metadata: + annotations: + checksum/config: dd31bc5b1287126b31e1391896739693e4c496d6e69eaa489b0bc7b71d45a368 + checksum/config-nginx: 7d3bb623059a45526eb058e1804aa3d905fe851332eb292857d926aa978586d9 + labels: + app.kubernetes.io/instance: element + app.kubernetes.io/name: element-web + spec: + containers: + - env: + - name: ELEMENT_WEB_PORT + value: "8080" + image: ghcr.io/element-hq/element-web:v1.11.110 + imagePullPolicy: IfNotPresent + livenessProbe: + httpGet: + path: / + port: http + name: element-web + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + httpGet: + path: / + port: http + resources: {} + securityContext: {} + volumeMounts: + - mountPath: /app/config.json + name: config + subPath: config.json + - mountPath: /etc/nginx/conf.d/config.json + name: config-nginx + subPath: config.json + securityContext: {} + serviceAccountName: element-element-web + volumes: + - configMap: + name: element-element-web + name: config + - configMap: + name: element-element-web-nginx + name: config-nginx +--- +apiVersion: v1 +kind: Pod +metadata: + annotations: + helm.sh/hook: test-success + labels: + app.kubernetes.io/instance: element + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: element-web + app.kubernetes.io/version: 1.11.110 + helm.sh/chart: element-web-1.4.18 + name: element-element-web-test-connection +spec: + containers: + - args: + - element-element-web:80 + command: + - wget + image: busybox + name: wget + restartPolicy: Never diff --git a/element/src/kustomization.yaml b/element/src/kustomization.yaml new file mode 100644 index 0000000..216bb5b --- /dev/null +++ b/element/src/kustomization.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +helmCharts: + - name: element-web + repo: https://ananace.gitlab.io/charts + version: 1.4.18 + releaseName: element + includeCRDs: true + namespace: element + valuesFile: values.yaml diff --git a/element/src/values.yaml b/element/src/values.yaml new file mode 100644 index 0000000..1b0c31e --- /dev/null +++ b/element/src/values.yaml @@ -0,0 +1,133 @@ +--- +## Number of replicas +## +replicaCount: 1 + +## Image configuration +## +image: + repository: ghcr.io/element-hq/element-web + pullPolicy: IfNotPresent + # tag: "" + +imagePullSecrets: [] +# nameOverride: "" +# fullnameOverride: "" + +## Default server for the Element install. (Required) +## This will configure the default_server_config block in the config.json +## Ref: https://github.com/vector-im/element-web/blob/develop/config.sample.json +## +defaultServer: + url: https://synapse.borninpain.de + name: BornInPain + # identity_url: 'https://vector.im' + +## Element configuration +## Ref: https://github.com/vector-im/element-web/blob/develop/config.sample.json +## +config: {} + +## Configuration to add into the nginx server object +## +nginxConfig: |- + add_header X-Frame-Options SAMEORIGIN; + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + add_header Content-Security-Policy "frame-ancestors 'self'"; + +## Configuration for mounting additional volumes into the application container. +## +extraVolumes: {} +# - name: backgrounds +# persistentVolumeClaim: +# claimName: element-backgrounds +extraVolumeMounts: {} +# - name: backgrounds +# mountPath: /app/themes/element/img/backgrounds/ + +## Configures an application-specific service account. +## +serviceAccount: + create: true + + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +## Additional annotations to add to the pod. +## +podAnnotations: {} + +## Security context configuration to add to the pod. +## +podSecurityContext: {} + # fsGroup: 2000 + +## Security context configuration to add to the container inside the pod. +## +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +## Service configuration. +## +service: + type: ClusterIP + port: 80 + +## Ingress configuration. +## +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + - chart-example.local + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + + ## Set the name of the IngressClass cluster resource (optional) + ## https://kubernetes.io/docs/reference/kubernetes-api/service-resources/ingress-v1/#IngressSpec + # className: can-be-anything + +## Resource configuration for the application. +## +resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +## Configure auto-scaling for the application. +## +autoscaling: + enabled: false + minReplicas: 1 + maxReplicas: 5 + targetCPUUtilizationPercentage: 80 + # targetMemoryUtilizationPercentage: 80 + +## Node selectors to use when deploying the application. +## +nodeSelector: {} + +## Tolerations to apply to the application. +## +tolerations: [] + +## Affinities to set on the application. +## +affinity: {} +