--- # Source: element-web/charts/element-web/templates/serviceaccount.yaml apiVersion: v1 kind: ServiceAccount metadata: name: element-web labels: helm.sh/chart: element-web-1.4.24 app.kubernetes.io/name: element-web app.kubernetes.io/instance: element-web app.kubernetes.io/version: "1.12.4" app.kubernetes.io/managed-by: Helm --- # Source: element-web/charts/element-web/templates/configuration-nginx.yaml apiVersion: v1 kind: ConfigMap metadata: name: element-web-nginx labels: helm.sh/chart: element-web-1.4.24 app.kubernetes.io/name: element-web app.kubernetes.io/instance: element-web app.kubernetes.io/version: "1.12.4" app.kubernetes.io/managed-by: Helm data: default.conf: | server { listen 8080; listen [::]:8080; server_name localhost; root /usr/share/nginx/html; index index.html; add_header X-Frame-Options SAMEORIGIN; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; add_header Content-Security-Policy "frame-ancestors 'self'"; # Set no-cache for the index.html only so that browsers always check for a new copy of Element Web. location = /index.html { add_header Cache-Control "no-cache"; } # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; } --- # Source: element-web/charts/element-web/templates/configuration.yaml apiVersion: v1 kind: ConfigMap metadata: name: element-web labels: helm.sh/chart: element-web-1.4.24 app.kubernetes.io/name: element-web app.kubernetes.io/instance: element-web app.kubernetes.io/version: "1.12.4" app.kubernetes.io/managed-by: Helm data: config.json: | {"brand":"Alex Lebens","branding":{"auth_header_logo_url":"https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png","welcome_background_url":"https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background.jpg"},"default_country_code":"US","default_server_config":{"m.homeserver":{"base_url":"https://matrix.alexlebens.dev","server_name":"alexlebens.dev"},"m.identity_server":{"base_url":"https://alexlebens.dev"}},"default_theme":"dark","disable_3pid_login":true,"sso_redirect_options":{"immediate":true}} --- # Source: element-web/charts/element-web/templates/service.yaml apiVersion: v1 kind: Service metadata: name: element-web labels: helm.sh/chart: element-web-1.4.24 app.kubernetes.io/name: element-web app.kubernetes.io/instance: element-web app.kubernetes.io/version: "1.12.4" app.kubernetes.io/managed-by: Helm spec: type: ClusterIP ports: - port: 80 targetPort: http protocol: TCP name: http selector: app.kubernetes.io/name: element-web app.kubernetes.io/instance: element-web --- # Source: element-web/charts/cloudflared/templates/common.yaml apiVersion: apps/v1 kind: Deployment metadata: name: element-web-cloudflared labels: app.kubernetes.io/controller: main app.kubernetes.io/instance: element-web app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: cloudflared app.kubernetes.io/version: 2025.10.0 helm.sh/chart: cloudflared-1.23.0 namespace: element-web spec: revisionHistoryLimit: 3 replicas: 1 strategy: type: Recreate selector: matchLabels: app.kubernetes.io/controller: main app.kubernetes.io/name: cloudflared app.kubernetes.io/instance: element-web template: metadata: labels: app.kubernetes.io/controller: main app.kubernetes.io/instance: element-web app.kubernetes.io/name: cloudflared spec: enableServiceLinks: false serviceAccountName: default automountServiceAccountToken: true hostIPC: false hostNetwork: false hostPID: false dnsPolicy: ClusterFirst containers: - args: - tunnel - --protocol - http2 - --no-autoupdate - run - --token - $(CF_MANAGED_TUNNEL_TOKEN) env: - name: CF_MANAGED_TUNNEL_TOKEN valueFrom: secretKeyRef: key: cf-tunnel-token name: element-web-cloudflared-secret image: cloudflare/cloudflared:2025.11.1 imagePullPolicy: IfNotPresent name: main resources: requests: cpu: 10m memory: 128Mi --- # Source: element-web/charts/element-web/templates/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: element-web labels: helm.sh/chart: element-web-1.4.24 app.kubernetes.io/name: element-web app.kubernetes.io/instance: element-web app.kubernetes.io/version: "1.12.4" app.kubernetes.io/managed-by: Helm spec: replicas: 1 selector: matchLabels: app.kubernetes.io/name: element-web app.kubernetes.io/instance: element-web template: metadata: annotations: checksum/config: e4e49fadd0eaedd59d5adab594fb3e159fcaaecf883c31012f72a55c7785e1c4 checksum/config-nginx: 0d6dce57e41259f77d072cd0381296fb272ba1c62d8817d5fd742da9ccce5aa1 labels: app.kubernetes.io/name: element-web app.kubernetes.io/instance: element-web spec: serviceAccountName: element-web securityContext: {} containers: - name: element-web securityContext: {} image: "vectorim/element-web:v1.12.4" imagePullPolicy: IfNotPresent env: - name: ELEMENT_WEB_PORT value: '8080' ports: - name: http containerPort: 8080 protocol: TCP livenessProbe: httpGet: path: / port: http readinessProbe: httpGet: path: / port: http resources: requests: cpu: 10m memory: 128Mi volumeMounts: - mountPath: /app/config.json name: config subPath: config.json - mountPath: /etc/nginx/conf.d/config.json name: config-nginx subPath: config.json volumes: - name: config configMap: name: element-web - name: config-nginx configMap: name: element-web-nginx --- # Source: element-web/templates/external-secret.yaml apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: name: element-web-cloudflared-secret namespace: element-web labels: app.kubernetes.io/name: element-web-cloudflared-secret app.kubernetes.io/instance: element-web app.kubernetes.io/part-of: element-web spec: secretStoreRef: kind: ClusterSecretStore name: vault data: - secretKey: cf-tunnel-token remoteRef: conversionStrategy: Default decodingStrategy: None key: /cloudflare/tunnels/element metadataPolicy: None property: token --- # Source: element-web/charts/element-web/templates/tests/test-connection.yaml apiVersion: v1 kind: Pod metadata: name: "element-web-test-connection" labels: helm.sh/chart: element-web-1.4.24 app.kubernetes.io/name: element-web app.kubernetes.io/instance: element-web app.kubernetes.io/version: "1.12.4" app.kubernetes.io/managed-by: Helm annotations: "helm.sh/hook": test-success spec: containers: - name: wget image: busybox command: ['wget'] args: ['element-web:80'] restartPolicy: Never