AllardDCS/kubernetes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test

Browse Source
This commit is contained in:
admin
2025-12-22 08:24:52 +01:00
parent 4b6f071349
commit d623200d5d
50 changed files with 3941 additions and 147 deletions
Download Patch File Download Diff File Expand all files Collapse all files

221
lp/matrix/werkt/hookshot.yaml Normal file
View File

@@ -0,0 +1,221 @@
# ===========================
# Hookshot ConfigMap
# ===========================
apiVersion: v1
kind: ConfigMap
metadata:
name: matrix-hookshot-config
namespace: matrix
data:
config.yml: |
bridge:
domain: matrix-lp.allarddcs.nl
url: http://matrix.matrix.svc.cluster.local:8008
port: 9993
bindAddress: 0.0.0.0
homeserver:
url: http://matrix.matrix.svc.cluster.local:8008
domain: matrix-lp.allarddcs.nl
appservice:
id: hookshot
as_token: d3c8fccbe082aa2a59da362b3805abe4c4cebcd7e822cdbd700d84e7c55c485f
hs_token: c31f7a18d3d2d79bd7a03e2794d966317155c409699cb6fd0922023cf45f9c3b
bot:
username: hookshot
displayname: Hookshot
logging:
level: debug
listeners:
- port: 9000
bindAddress: 0.0.0.0
resources:
- webhooks
- port: 9001
bindAddress: 0.0.0.0
resources:
- metrics
- port: 9002
bindAddress: 0.0.0.0
resources:
- widgets
- port: 9003
bindAddress: 0.0.0.0
resources:
- appservice
# Redis for persistent token storage
cache:
redisUri: redis://redis:6379
generic:
enabled: true
urlPrefix: https://hookshot-lp.allarddcs.nl/webhook/
userIdPrefix: _webhooks_
includeHookBody: true
allowJsTransformationFunctions: true
passFile: /data/passkey.pem
connections:
- connectionType: uk.half-shot.matrix-hookshot.generic.hook
stateKey: generic-1
roomId: "!BPcyrRUfYdBJrFVdlV:matrix-lp.allarddcs.nl"
state:
name: "Harbor Webhook"
webhookId: harbor
}
---
# ===========================
# Hookshot Deployment
# ===========================
apiVersion: apps/v1
kind: Deployment
metadata:
name: matrix-hookshot
namespace: matrix
spec:
replicas: 1
selector:
matchLabels:
app: matrix-hookshot
template:
metadata:
labels:
app: matrix-hookshot
spec:
containers:
- name: hookshot
image: halfshot/matrix-hookshot:latest
ports:
- name: webhooks
containerPort: 9000
- name: metrics
containerPort: 9001
- name: widgets
containerPort: 9002
- name: appservice
containerPort: 9003
- name: matrix
containerPort: 9993
volumeMounts:
- name: config
mountPath: /data/config.yml
subPath: config.yml
- name: registration
mountPath: /data/registration.yml
subPath: registration.yml
- name: hookshot-passkey
mountPath: /data/passkey.pem
subPath: passkey.pem
env:
- name: CONFIG_FILE
value: /data/config.yml
- name: REGISTRATION_FILE
value: /data/registration.yml
- name: NODE_TLS_REJECT_UNAUTHORIZED
value: "0"
- name: NODE_OPTIONS
value: "--dns-result-order=ipv4first"
volumes:
- name: config
configMap:
name: matrix-hookshot-config
- name: registration
secret:
secretName: matrix-hookshot-registration
- name: hookshot-passkey
secret:
secretName: hookshot-passkey
---
# ===========================
# Hookshot Service
# ===========================
apiVersion: v1
kind: Service
metadata:
name: matrix-hookshot
namespace: matrix
spec:
selector:
app: matrix-hookshot
ports:
- name: webhooks
port: 9000
targetPort: 9000
- name: metrics
port: 9001
targetPort: 9000
- name: widgets
port: 9002
targetPort: 9000
- name: appservice
port: 9003
targetPort: 9003
- name: matrix
port: 9993
targetPort: 9993
---
# ===========================
# Hookshot IngressRoute
# ===========================
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: matrix-hookshot
namespace: matrix
spec:
entryPoints:
- websecure
routes:
- match: Host(`hookshot-lp.allarddcs.nl`) && PathPrefix(`/webhook`)
kind: Rule
services:
- name: matrix-hookshot
port: 9000
tls:
certResolver: default
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: hookshot-pv
spec:
storageClassName: ""
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
mountOptions:
- hard
- nfsvers=4.1
nfs:
server: 192.168.2.110
path: /mnt/nfs_share/hookshot/lp
readOnly: false
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: hookshot-pvc
namespace: matrix
spec:
storageClassName: ""
volumeName: hookshot-pv
accessModes:
- ReadWriteMany
volumeMode: Filesystem
resources:
requests:
storage: 1Gi

122
lp/matrix/werkt/matrix.yaml Executable file
View File

@@ -0,0 +1,122 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: matrix
namespace: matrix
labels:
app: matrix
spec:
replicas: 1
selector:
matchLabels:
app: matrix
template:
metadata:
labels:
app: matrix
spec:
containers:
- name: matrix
image: matrixdotorg/synapse:latest
# args:
# - generate
env:
- name: SYNAPSE_SERVER_NAME
value: "matrix-lp.allarddcs.nl"
# - name: SYNAPSE_REPORT_STATS
# value: "yes"
volumeMounts:
- mountPath: /data
name: matrix
- name: hookshot-registration
mountPath: /appservices/hookshot-registration.yml
subPath: registration.yml
volumes:
- name: matrix
persistentVolumeClaim:
claimName: matrix-pvc
- name: hookshot-registration
secret:
secretName: matrix-hookshot-registration
---
apiVersion: v1
kind: Service
metadata:
name: matrix
namespace: matrix
spec:
ports:
- name: http
targetPort: 8008
port: 8008
selector:
app: matrix
type: ClusterIP
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: matrix-http
namespace: matrix
spec:
entryPoints:
- web
routes:
- match: Host(`matrix-lp.allarddcs.nl`)
kind: Rule
services:
- name: matrix
port: 8008
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: matrix-tls
namespace: matrix
spec:
entryPoints:
- websecure
routes:
- match: Host(`matrix-lp.allarddcs.nl`)
kind: Rule
services:
- name: matrix
port: 8008
tls:
secretName: matrix-lp.allarddcs.nl-tls
# certResolver: letsencrypt
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: matrix-pv
spec:
storageClassName: ""
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
persistentVolumeReclaimPolicy: Retain
mountOptions:
- hard
- nfsvers=4.1
nfs:
server: 192.168.2.110
path: /mnt/nfs_share/matrix/lp
readOnly: false
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: matrix-pvc
namespace: matrix
spec:
storageClassName: ""
volumeName: matrix-pv
accessModes:
- ReadWriteMany
volumeMode: Filesystem
resources:
requests:
storage: 1Gi

22
lp/matrix/werkt/registration-secret.yaml Normal file
View File

@@ -0,0 +1,22 @@
# ===========================
# Hookshot Registration Secret
# ===========================
apiVersion: v1
kind: Secret
metadata:
name: matrix-hookshot-registration
namespace: matrix
type: Opaque
stringData:
registration.yml: |
id: hookshot
url: http://matrix-hookshot.matrix.svc.cluster.local:9993
as_token: d3c8fccbe082aa2a59da362b3805abe4c4cebcd7e822cdbd700d84e7c55c485f
hs_token: c31f7a18d3d2d79bd7a03e2794d966317155c409699cb6fd0922023cf45f9c3b
sender_localpart: hookshot
namespaces:
users:
- exclusive: true
regex: "^@(hookshot|_webhooks_.*):matrix-lp.allarddcs.nl$"
rooms: []
aliases: []