From 7756d35fa156b36ed50ba8f837273db56323f45f Mon Sep 17 00:00:00 2001 From: Dominik Henneke Date: Wed, 11 Oct 2023 17:26:34 +0200 Subject: [PATCH] fix(element): Add the Matrix NeoChoice Widget deployment --- helmfile/apps/element/helmfile.yaml | 8 +++++ helmfile/apps/element/values-element.gotmpl | 16 +++++++++ .../values-matrix-neochoice-widget.gotmpl | 33 +++++++++++++++++++ .../values-matrix-neochoice-widget.yaml | 21 ++++++++++++ helmfile/environments/default/global.yaml | 2 +- helmfile/environments/default/images.yaml | 4 +++ helmfile/environments/default/replicas.yaml | 1 + helmfile/environments/default/resources.yaml | 7 ++++ 8 files changed, 91 insertions(+), 1 deletion(-) create mode 100644 helmfile/apps/element/values-matrix-neochoice-widget.gotmpl create mode 100644 helmfile/apps/element/values-matrix-neochoice-widget.yaml diff --git a/helmfile/apps/element/helmfile.yaml b/helmfile/apps/element/helmfile.yaml index e9796637..6f9dc9c8 100644 --- a/helmfile/apps/element/helmfile.yaml +++ b/helmfile/apps/element/helmfile.yaml @@ -67,6 +67,14 @@ releases: - "values-matrix-neoboard-widget.gotmpl" condition: "element.enabled" + - name: "matrix-neochoice-widget" + chart: "opendesk-matrix-widgets-repo/matrix-neochoice-widget" + version: "3.0.0" + values: + - "values-matrix-neochoice-widget.yaml" + - "values-matrix-neochoice-widget.gotmpl" + condition: "element.enabled" + commonLabels: deploy-stage: "component-1" component: "element" diff --git a/helmfile/apps/element/values-element.gotmpl b/helmfile/apps/element/values-element.gotmpl index d14a190b..f919cafc 100644 --- a/helmfile/apps/element/values-element.gotmpl +++ b/helmfile/apps/element/values-element.gotmpl @@ -39,6 +39,22 @@ configuration: - org.matrix.msc3819.send.to_device:net.nordeck.whiteboard.connection_signaling - org.matrix.msc3819.receive.to_device:net.nordeck.whiteboard.connection_signaling - town.robin.msc3846.turn_servers + "https://{{ .Values.global.hosts.matrixNeoChoiceWidget }}.{{ .Values.global.domain }}/*": + preload_approved: true + capabilities_approved: + - org.matrix.msc2762.send.event:net.nordeck.poll.vote + - org.matrix.msc2762.receive.event:net.nordeck.poll.vote + - org.matrix.msc2762.send.state_event:net.nordeck.poll + - org.matrix.msc2762.receive.state_event:net.nordeck.poll + - org.matrix.msc2762.send.state_event:net.nordeck.poll.settings + - org.matrix.msc2762.receive.state_event:net.nordeck.poll.settings + - org.matrix.msc2762.receive.state_event:m.room.power_levels + - org.matrix.msc2762.receive.state_event:m.room.name + - org.matrix.msc2762.receive.state_event:m.room.member + - org.matrix.msc2762.send.state_event:net.nordeck.poll.group + - org.matrix.msc2762.receive.state_event:net.nordeck.poll.group + - org.matrix.msc2762.send.event:net.nordeck.poll.start + - org.matrix.msc2762.receive.event:net.nordeck.poll.start image: imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" diff --git a/helmfile/apps/element/values-matrix-neochoice-widget.gotmpl b/helmfile/apps/element/values-matrix-neochoice-widget.gotmpl new file mode 100644 index 00000000..4e0e5c8a --- /dev/null +++ b/helmfile/apps/element/values-matrix-neochoice-widget.gotmpl @@ -0,0 +1,33 @@ +{{/* +SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +SPDX-License-Identifier: Apache-2.0 +*/}} +--- +global: + domain: "{{ .Values.global.domain }}" + imageRegistry: "{{ .Values.global.imageRegistry }}" + hosts: + {{ .Values.global.hosts | toYaml | nindent 4 }} + imagePullSecrets: + {{ .Values.global.imagePullSecrets | toYaml | nindent 4 }} + +image: + imagePullPolicy: "{{ .Values.global.imagePullPolicy }}" + repository: "{{ .Values.images.matrixNeoChoiceWidget.repository }}" + tag: "{{ .Values.images.matrixNeoChoiceWidget.tag }}" + +ingress: + enabled: "{{ .Values.ingress.enabled }}" + ingressClassName: "{{ .Values.ingress.ingressClassName }}" + tls: + enabled: "{{ .Values.ingress.tls.enabled }}" + secretName: "{{ .Values.ingress.tls.secretName }}" + +theme: + {{ .Values.theme | toYaml | nindent 2 }} + +replicaCount: {{ .Values.replicas.matrixNeoChoiceWidget }} + +resources: + {{ .Values.resources.matrixNeoChoiceWidget | toYaml | nindent 2 }} +... diff --git a/helmfile/apps/element/values-matrix-neochoice-widget.yaml b/helmfile/apps/element/values-matrix-neochoice-widget.yaml new file mode 100644 index 00000000..2e1906bb --- /dev/null +++ b/helmfile/apps/element/values-matrix-neochoice-widget.yaml @@ -0,0 +1,21 @@ +# SPDX-FileCopyrightText: 2023 Bundesministerium des Innern und für Heimat, PG ZenDiS "Projektgruppe für Aufbau ZenDiS" +# SPDX-License-Identifier: Apache-2.0 +--- +containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - "ALL" + enabled: true + privileged: false + readOnlyRootFilesystem: true + runAsGroup: 101 + runAsNonRoot: true + runAsUser: 101 + seccompProfile: + type: "RuntimeDefault" + +podSecurityContext: + enabled: true + fsGroup: 101 +... diff --git a/helmfile/environments/default/global.yaml b/helmfile/environments/default/global.yaml index a4e2ed31..f60aaaff 100644 --- a/helmfile/environments/default/global.yaml +++ b/helmfile/environments/default/global.yaml @@ -16,13 +16,13 @@ global: jitsi: "meet" keycloak: "id" matrixNeoBoardWidget: "matrix-neoboard-widget" + matrixNeoChoiceWidget: "matrix-neochoice-widget" meetingWidgetsBot: "meeting-widgets-bot" meetingWidgets: "meeting-widgets" nextcloud: "fs" openproject: "project" openxchange: "webmail" openxchangeProvisioning: "ox-provisioning" - pollWidget: "poll-widget" synapse: "matrix" univentionCorporateServer: "portal" univentionManagementStack: "portal" diff --git a/helmfile/environments/default/images.yaml b/helmfile/environments/default/images.yaml index e2a5f6f4..4f3d11d2 100644 --- a/helmfile/environments/default/images.yaml +++ b/helmfile/environments/default/images.yaml @@ -79,6 +79,10 @@ images: repository: "nordeck/matrix-neoboard-widget" tag: "0.4.0@sha256:c5e72409a0edc1962e9be618fcb83acce19e64c0c645075d8ff0ccde06e93fc7" # @supplier: "Nordeck" + matrixNeoChoiceWidget: + repository: "nordeck/matrix-poll-widget" + tag: "1.2.0@sha256:0abcf7c368c91721413c96deaa1e87f095b6afbe864ea5f042c9a370c38fb07b" + # @supplier: "Nordeck" memcached: repository: "bitnami/memcached" tag: "1.6.21-debian-11-r107@sha256:247ec29efd6030960047a623aef025021154662edf6b6d6e88c97936f164d99d" diff --git a/helmfile/environments/default/replicas.yaml b/helmfile/environments/default/replicas.yaml index 620cb25d..a459c66f 100644 --- a/helmfile/environments/default/replicas.yaml +++ b/helmfile/environments/default/replicas.yaml @@ -20,6 +20,7 @@ replicas: jvb: 1 keycloak: 1 matrixNeoBoardWidget: 1 + matrixNeoChoiceWidget: 1 # clamav-distributed milter: 1 nextcloud: 1 diff --git a/helmfile/environments/default/resources.yaml b/helmfile/environments/default/resources.yaml index 63116ca1..677eb232 100644 --- a/helmfile/environments/default/resources.yaml +++ b/helmfile/environments/default/resources.yaml @@ -121,6 +121,13 @@ resources: requests: cpu: 0.1 memory: "50Mi" + matrixNeoChoiceWidget: + limits: + cpu: 1 + memory: "250Mi" + requests: + cpu: 0.1 + memory: "50Mi" memcached: limits: cpu: 1