# =========================== # Hookshot ConfigMap # =========================== apiVersion: v1 kind: ConfigMap metadata: name: matrix-hookshot-config namespace: matrix data: config.yml: | bridge: domain: matrix-lp.allarddcs.nl url: http://matrix.matrix.svc.cluster.local:8008 port: 9993 bindAddress: 0.0.0.0 homeserver: url: http://matrix.matrix.svc.cluster.local:8008 domain: matrix-lp.allarddcs.nl appservice: id: hookshot as_token: d3c8fccbe082aa2a59da362b3805abe4c4cebcd7e822cdbd700d84e7c55c485f hs_token: c31f7a18d3d2d79bd7a03e2794d966317155c409699cb6fd0922023cf45f9c3b bot: username: hookshot displayname: Hookshot logging: level: debug listeners: - port: 9000 bindAddress: 0.0.0.0 resources: - webhooks - port: 9001 bindAddress: 0.0.0.0 resources: - metrics - port: 9002 bindAddress: 0.0.0.0 resources: - widgets - port: 9003 bindAddress: 0.0.0.0 resources: - appservice # Redis for persistent token storage cache: redisUri: redis://redis:6379 generic: enabled: true urlPrefix: https://hookshot-lp.allarddcs.nl/webhook/ userIdPrefix: _webhooks_ includeHookBody: true allowJsTransformationFunctions: true passFile: /data/passkey.pem connections: - connectionType: uk.half-shot.matrix-hookshot.generic.hook stateKey: generic-1 roomId: "!BPcyrRUfYdBJrFVdlV:matrix-lp.allarddcs.nl" state: name: "Harbor Webhook" webhookId: harbor } --- # =========================== # Hookshot Deployment # =========================== apiVersion: apps/v1 kind: Deployment metadata: name: matrix-hookshot namespace: matrix spec: replicas: 1 selector: matchLabels: app: matrix-hookshot template: metadata: labels: app: matrix-hookshot spec: containers: - name: hookshot image: halfshot/matrix-hookshot:latest ports: - name: webhooks containerPort: 9000 - name: metrics containerPort: 9001 - name: widgets containerPort: 9002 - name: appservice containerPort: 9003 - name: matrix containerPort: 9993 volumeMounts: - name: config mountPath: /data/config.yml subPath: config.yml - name: registration mountPath: /data/registration.yml subPath: registration.yml - name: hookshot-passkey mountPath: /data/passkey.pem subPath: passkey.pem env: - name: CONFIG_FILE value: /data/config.yml - name: REGISTRATION_FILE value: /data/registration.yml - name: NODE_TLS_REJECT_UNAUTHORIZED value: "0" - name: NODE_OPTIONS value: "--dns-result-order=ipv4first" volumes: - name: config configMap: name: matrix-hookshot-config - name: registration secret: secretName: matrix-hookshot-registration - name: hookshot-passkey secret: secretName: hookshot-passkey --- # =========================== # Hookshot Service # =========================== apiVersion: v1 kind: Service metadata: name: matrix-hookshot namespace: matrix spec: selector: app: matrix-hookshot ports: - name: webhooks port: 9000 targetPort: 9000 - name: metrics port: 9001 targetPort: 9000 - name: widgets port: 9002 targetPort: 9000 - name: appservice port: 9003 targetPort: 9003 - name: matrix port: 9993 targetPort: 9993 --- # =========================== # Hookshot IngressRoute # =========================== apiVersion: traefik.io/v1alpha1 kind: IngressRoute metadata: name: matrix-hookshot namespace: matrix spec: entryPoints: - websecure routes: - match: Host(`hookshot-lp.allarddcs.nl`) && PathPrefix(`/webhook`) kind: Rule services: - name: matrix-hookshot port: 9000 tls: certResolver: default --- apiVersion: v1 kind: PersistentVolume metadata: name: hookshot-pv spec: storageClassName: "" capacity: storage: 1Gi accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Retain mountOptions: - hard - nfsvers=4.1 nfs: server: 192.168.2.110 path: /mnt/nfs_share/hookshot/lp readOnly: false --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: hookshot-pvc namespace: matrix spec: storageClassName: "" volumeName: hookshot-pv accessModes: - ReadWriteMany volumeMode: Filesystem resources: requests: storage: 1Gi