mirror of
https://github.com/matrix-org/dendrite.git
synced 2025-01-30 23:54:27 -06:00
b538f237df
This updates the matchers for deriving the host values from the dendrite config. The original version turned out to have 2 complications: - It did not support IPv6 addresses as host value - It failed for `well_known_client_host` which is a (base) URL instead of a hostname+port. I've verified `well_known_server_name` with ``` dendrite.example.net:443 dendrite.example.net 192.168.1.1 192.168.1.1:1324 [dead::beef]:1234 [dead::beef] [ffff:dead::beef] ``` and `well_known_client_name` with: ``` https://dendrite.example.net:443 https://dendrite.example.net https://dendrite.example.net/ http://dendrite.example.net:8080/ http://192.168.1.1 http://192.168.1.1:8080/ http://[dead::beef]:1234 http://[dead::beef]/ http://[ffff:dead::beef] ``` Fixes #3175 ### Pull Request Checklist <!-- Please read https://matrix-org.github.io/dendrite/development/contributing before submitting your pull request --> * [x] I have added Go unit tests or [Complement integration tests](https://github.com/matrix-org/complement) for this PR _or_ I have justified why this PR doesn't need tests * [x] Pull request includes a [sign off below using a legally identifiable name](https://matrix-org.github.io/dendrite/development/contributing#sign-off) _or_ I have already signed off privately Signed-off-by: `Omar Pakker <Omar007@users.noreply.github.com>` --------- Signed-off-by: Omar Pakker <Omar007@users.noreply.github.com> [skip CI]
113 lines
4.3 KiB
YAML
113 lines
4.3 KiB
YAML
{{ template "validate.config" . }}
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
namespace: {{ $.Release.Namespace }}
|
|
name: {{ include "dendrite.fullname" . }}
|
|
labels:
|
|
{{- include "dendrite.labels" . | nindent 4 }}
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
{{- include "dendrite.selectorLabels" . | nindent 6 }}
|
|
replicas: 1
|
|
strategy:
|
|
type: {{ $.Values.strategy.type }}
|
|
{{- if eq $.Values.strategy.type "RollingUpdate" }}
|
|
rollingUpdate:
|
|
maxSurge: {{ $.Values.strategy.rollingUpdate.maxSurge }}
|
|
maxUnavailable: {{ $.Values.strategy.rollingUpdate.maxUnavailable }}
|
|
{{- end }}
|
|
template:
|
|
metadata:
|
|
labels:
|
|
{{- include "dendrite.selectorLabels" . | nindent 8 }}
|
|
annotations:
|
|
confighash: secret-{{ .Values.dendrite_config | toYaml | sha256sum | trunc 32 }}
|
|
spec:
|
|
volumes:
|
|
- name: {{ include "dendrite.fullname" . }}-conf-vol
|
|
secret:
|
|
secretName: {{ include "dendrite.fullname" . }}-conf
|
|
- name: {{ include "dendrite.fullname" . }}-signing-key
|
|
secret:
|
|
secretName: {{ default (print ( include "dendrite.fullname" . ) "-signing-key") $.Values.signing_key.existingSecret | quote }}
|
|
{{- if (gt (len ($.Files.Glob "appservices/*")) 0) }}
|
|
- name: {{ include "dendrite.fullname" . }}-appservices
|
|
secret:
|
|
secretName: {{ include "dendrite.fullname" . }}-appservices-conf
|
|
{{- end }}
|
|
- name: {{ include "dendrite.fullname" . }}-jetstream
|
|
persistentVolumeClaim:
|
|
claimName: {{ default (print ( include "dendrite.fullname" . ) "-jetstream-pvc") $.Values.persistence.jetstream.existingClaim | quote }}
|
|
- name: {{ include "dendrite.fullname" . }}-media
|
|
persistentVolumeClaim:
|
|
claimName: {{ default (print ( include "dendrite.fullname" . ) "-media-pvc") $.Values.persistence.media.existingClaim | quote }}
|
|
- name: {{ include "dendrite.fullname" . }}-search
|
|
persistentVolumeClaim:
|
|
claimName: {{ default (print ( include "dendrite.fullname" . ) "-search-pvc") $.Values.persistence.search.existingClaim | quote }}
|
|
{{- with .Values.extraVolumes }}
|
|
{{ . | toYaml | nindent 6 }}
|
|
{{- end }}
|
|
containers:
|
|
- name: {{ .Chart.Name }}
|
|
{{- include "image.name" . | nindent 8 }}
|
|
args:
|
|
- '--config'
|
|
- '/etc/dendrite/dendrite.yaml'
|
|
ports:
|
|
- name: http
|
|
containerPort: 8008
|
|
protocol: TCP
|
|
{{- if $.Values.dendrite_config.global.profiling.enabled }}
|
|
env:
|
|
- name: PPROFLISTEN
|
|
value: "localhost:{{- $.Values.dendrite_config.global.profiling.port -}}"
|
|
{{- end }}
|
|
resources:
|
|
{{- toYaml $.Values.resources | nindent 10 }}
|
|
volumeMounts:
|
|
- mountPath: /etc/dendrite/
|
|
name: {{ include "dendrite.fullname" . }}-conf-vol
|
|
- mountPath: /etc/dendrite/secrets/
|
|
name: {{ include "dendrite.fullname" . }}-signing-key
|
|
{{- if (gt (len ($.Files.Glob "appservices/*")) 0) }}
|
|
- mountPath: /etc/dendrite/appservices
|
|
name: {{ include "dendrite.fullname" . }}-appservices
|
|
readOnly: true
|
|
{{ end }}
|
|
- mountPath: {{ .Values.dendrite_config.media_api.base_path }}
|
|
name: {{ include "dendrite.fullname" . }}-media
|
|
- mountPath: {{ .Values.dendrite_config.global.jetstream.storage_path }}
|
|
name: {{ include "dendrite.fullname" . }}-jetstream
|
|
- mountPath: {{ .Values.dendrite_config.sync_api.search.index_path }}
|
|
name: {{ include "dendrite.fullname" . }}-search
|
|
{{- with .Values.extraVolumeMounts }}
|
|
{{ . | toYaml | nindent 8 }}
|
|
{{- end }}
|
|
livenessProbe:
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 10
|
|
httpGet:
|
|
path: /_dendrite/monitor/health
|
|
port: http
|
|
readinessProbe:
|
|
initialDelaySeconds: 10
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 10
|
|
httpGet:
|
|
path: /_dendrite/monitor/health
|
|
port: http
|
|
startupProbe:
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
failureThreshold: 10
|
|
httpGet:
|
|
path: /_dendrite/monitor/up
|
|
port: http
|