gitea-bot
5ac696fd05
This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow. Reviewed-on: #2155 Co-authored-by: gitea-bot <gitea-bot@alexlebens.net> Co-committed-by: gitea-bot <gitea-bot@alexlebens.net>
259 lines
7.6 KiB
YAML
259 lines
7.6 KiB
YAML
---
|
|
# Source: element-web/charts/element-web/templates/serviceaccount.yaml
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: element-web
|
|
labels:
|
|
helm.sh/chart: element-web-1.4.24
|
|
app.kubernetes.io/name: element-web
|
|
app.kubernetes.io/instance: element-web
|
|
app.kubernetes.io/version: "1.12.4"
|
|
app.kubernetes.io/managed-by: Helm
|
|
---
|
|
# Source: element-web/charts/element-web/templates/configuration-nginx.yaml
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: element-web-nginx
|
|
labels:
|
|
helm.sh/chart: element-web-1.4.24
|
|
app.kubernetes.io/name: element-web
|
|
app.kubernetes.io/instance: element-web
|
|
app.kubernetes.io/version: "1.12.4"
|
|
app.kubernetes.io/managed-by: Helm
|
|
data:
|
|
default.conf: |
|
|
server {
|
|
listen 8080;
|
|
listen [::]:8080;
|
|
server_name localhost;
|
|
|
|
root /usr/share/nginx/html;
|
|
index index.html;
|
|
|
|
add_header X-Frame-Options SAMEORIGIN;
|
|
add_header X-Content-Type-Options nosniff;
|
|
add_header X-XSS-Protection "1; mode=block";
|
|
add_header Content-Security-Policy "frame-ancestors 'self'";
|
|
|
|
# Set no-cache for the index.html only so that browsers always check for a new copy of Element Web.
|
|
location = /index.html {
|
|
add_header Cache-Control "no-cache";
|
|
}
|
|
|
|
# redirect server error pages to the static page /50x.html
|
|
#
|
|
error_page 500 502 503 504 /50x.html;
|
|
}
|
|
---
|
|
# Source: element-web/charts/element-web/templates/configuration.yaml
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: element-web
|
|
labels:
|
|
helm.sh/chart: element-web-1.4.24
|
|
app.kubernetes.io/name: element-web
|
|
app.kubernetes.io/instance: element-web
|
|
app.kubernetes.io/version: "1.12.4"
|
|
app.kubernetes.io/managed-by: Helm
|
|
data:
|
|
config.json: |
|
|
{"brand":"Alex Lebens","branding":{"auth_header_logo_url":"https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.png","welcome_background_url":"https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background.jpg"},"default_country_code":"US","default_server_config":{"m.homeserver":{"base_url":"https://matrix.alexlebens.dev","server_name":"alexlebens.dev"},"m.identity_server":{"base_url":"https://alexlebens.dev"}},"default_theme":"dark","disable_3pid_login":true,"sso_redirect_options":{"immediate":true}}
|
|
---
|
|
# Source: element-web/charts/element-web/templates/service.yaml
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: element-web
|
|
labels:
|
|
helm.sh/chart: element-web-1.4.24
|
|
app.kubernetes.io/name: element-web
|
|
app.kubernetes.io/instance: element-web
|
|
app.kubernetes.io/version: "1.12.4"
|
|
app.kubernetes.io/managed-by: Helm
|
|
spec:
|
|
type: ClusterIP
|
|
ports:
|
|
- port: 80
|
|
targetPort: http
|
|
protocol: TCP
|
|
name: http
|
|
selector:
|
|
app.kubernetes.io/name: element-web
|
|
app.kubernetes.io/instance: element-web
|
|
---
|
|
# Source: element-web/charts/cloudflared/templates/common.yaml
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: element-web-cloudflared
|
|
labels:
|
|
app.kubernetes.io/controller: main
|
|
app.kubernetes.io/instance: element-web
|
|
app.kubernetes.io/managed-by: Helm
|
|
app.kubernetes.io/name: cloudflared
|
|
app.kubernetes.io/version: 2025.10.0
|
|
helm.sh/chart: cloudflared-1.23.0
|
|
namespace: element-web
|
|
spec:
|
|
revisionHistoryLimit: 3
|
|
replicas: 1
|
|
strategy:
|
|
type: Recreate
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/controller: main
|
|
app.kubernetes.io/name: cloudflared
|
|
app.kubernetes.io/instance: element-web
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/controller: main
|
|
app.kubernetes.io/instance: element-web
|
|
app.kubernetes.io/name: cloudflared
|
|
spec:
|
|
enableServiceLinks: false
|
|
serviceAccountName: default
|
|
automountServiceAccountToken: true
|
|
hostIPC: false
|
|
hostNetwork: false
|
|
hostPID: false
|
|
dnsPolicy: ClusterFirst
|
|
containers:
|
|
- args:
|
|
- tunnel
|
|
- --protocol
|
|
- http2
|
|
- --no-autoupdate
|
|
- run
|
|
- --token
|
|
- $(CF_MANAGED_TUNNEL_TOKEN)
|
|
env:
|
|
- name: CF_MANAGED_TUNNEL_TOKEN
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: cf-tunnel-token
|
|
name: element-web-cloudflared-secret
|
|
image: cloudflare/cloudflared:2025.11.1
|
|
imagePullPolicy: IfNotPresent
|
|
name: main
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 128Mi
|
|
---
|
|
# Source: element-web/charts/element-web/templates/deployment.yaml
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: element-web
|
|
labels:
|
|
helm.sh/chart: element-web-1.4.24
|
|
app.kubernetes.io/name: element-web
|
|
app.kubernetes.io/instance: element-web
|
|
app.kubernetes.io/version: "1.12.4"
|
|
app.kubernetes.io/managed-by: Helm
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: element-web
|
|
app.kubernetes.io/instance: element-web
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
checksum/config: e4e49fadd0eaedd59d5adab594fb3e159fcaaecf883c31012f72a55c7785e1c4
|
|
checksum/config-nginx: 0d6dce57e41259f77d072cd0381296fb272ba1c62d8817d5fd742da9ccce5aa1
|
|
labels:
|
|
app.kubernetes.io/name: element-web
|
|
app.kubernetes.io/instance: element-web
|
|
spec:
|
|
serviceAccountName: element-web
|
|
securityContext:
|
|
{}
|
|
containers:
|
|
- name: element-web
|
|
securityContext:
|
|
{}
|
|
image: "vectorim/element-web:v1.12.4"
|
|
imagePullPolicy: IfNotPresent
|
|
env:
|
|
- name: ELEMENT_WEB_PORT
|
|
value: '8080'
|
|
ports:
|
|
- name: http
|
|
containerPort: 8080
|
|
protocol: TCP
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /
|
|
port: http
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /
|
|
port: http
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 128Mi
|
|
volumeMounts:
|
|
- mountPath: /app/config.json
|
|
name: config
|
|
subPath: config.json
|
|
- mountPath: /etc/nginx/conf.d/config.json
|
|
name: config-nginx
|
|
subPath: config.json
|
|
volumes:
|
|
- name: config
|
|
configMap:
|
|
name: element-web
|
|
- name: config-nginx
|
|
configMap:
|
|
name: element-web-nginx
|
|
---
|
|
# Source: element-web/templates/external-secret.yaml
|
|
apiVersion: external-secrets.io/v1
|
|
kind: ExternalSecret
|
|
metadata:
|
|
name: element-web-cloudflared-secret
|
|
namespace: element-web
|
|
labels:
|
|
app.kubernetes.io/name: element-web-cloudflared-secret
|
|
app.kubernetes.io/instance: element-web
|
|
app.kubernetes.io/part-of: element-web
|
|
spec:
|
|
secretStoreRef:
|
|
kind: ClusterSecretStore
|
|
name: vault
|
|
data:
|
|
- secretKey: cf-tunnel-token
|
|
remoteRef:
|
|
conversionStrategy: Default
|
|
decodingStrategy: None
|
|
key: /cloudflare/tunnels/element
|
|
metadataPolicy: None
|
|
property: token
|
|
---
|
|
# Source: element-web/charts/element-web/templates/tests/test-connection.yaml
|
|
apiVersion: v1
|
|
kind: Pod
|
|
metadata:
|
|
name: "element-web-test-connection"
|
|
labels:
|
|
helm.sh/chart: element-web-1.4.24
|
|
app.kubernetes.io/name: element-web
|
|
app.kubernetes.io/instance: element-web
|
|
app.kubernetes.io/version: "1.12.4"
|
|
app.kubernetes.io/managed-by: Helm
|
|
annotations:
|
|
"helm.sh/hook": test-success
|
|
spec:
|
|
containers:
|
|
- name: wget
|
|
image: busybox
|
|
command: ['wget']
|
|
args: ['element-web:80']
|
|
restartPolicy: Never
|