From 2961946f978060274c2fe0bf1ab87e7efff41780 Mon Sep 17 00:00:00 2001 From: JesseBot Date: Tue, 25 Jul 2023 15:31:10 +0200 Subject: [PATCH] Fix `*.ingress.tls` templating (#10) * fix tls templating to allow for less complexity * fix ingress.tls to be rendered automatically --- charts/matrix/Chart.yaml | 2 +- charts/matrix/README.md | 13 +++++------- charts/matrix/templates/element/ingress.yaml | 12 ++++------- .../synapse/synapse-federation-ingress.yaml | 12 ++++------- .../templates/synapse/synapse-ingress.yaml | 20 ++++++++----------- charts/matrix/values.yaml | 15 ++++---------- 6 files changed, 26 insertions(+), 48 deletions(-) diff --git a/charts/matrix/Chart.yaml b/charts/matrix/Chart.yaml index dadd77f6..c3480a4c 100644 --- a/charts/matrix/Chart.yaml +++ b/charts/matrix/Chart.yaml @@ -8,7 +8,7 @@ sources: type: application -version: 4.0.2 +version: 4.0.3 appVersion: v1.88.0 maintainers: diff --git a/charts/matrix/README.md b/charts/matrix/README.md index 79849ed7..26fa9fa4 100644 --- a/charts/matrix/README.md +++ b/charts/matrix/README.md @@ -1,6 +1,6 @@ # matrix -![Version: 4.0.2](https://img.shields.io/badge/Version-4.0.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.88.0](https://img.shields.io/badge/AppVersion-v1.88.0-informational?style=flat-square) +![Version: 4.0.3](https://img.shields.io/badge/Version-4.0.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.88.0](https://img.shields.io/badge/AppVersion-v1.88.0-informational?style=flat-square) A Helm chart to deploy a Matrix homeserver stack into Kubernetes @@ -117,9 +117,8 @@ A Helm chart to deploy a Matrix homeserver stack into Kubernetes | element.ingress.annotations."cert-manager.io/cluster-issuer" | string | `"letsencrypt-staging"` | required for TLS certs issued by cert-manager | | element.ingress.annotations."nginx.ingress.kubernetes.io/configuration-snippet" | string | `"proxy_intercept_errors off;\n"` | | | element.ingress.enabled | bool | `true` | enable ingress for element | -| element.ingress.hosts | string | `"element.chart-example.local"` | the hostname to use for element | -| element.ingress.tls[0].hosts | list | `["element.chart-example.local"]` | the hostname to use for element if using TLS certs | -| element.ingress.tls[0].secretName | string | `"element-tls"` | | +| element.ingress.host | string | `"element.chart-example.local"` | the hostname to use for element | +| element.ingress.tls.enabled | bool | `true` | | | element.integrations.api | string | `"https://scalar.vector.im/api"` | API for the integration server | | element.integrations.enabled | bool | `true` | enables the Integrations menu, including: widgets, bots, and other plugins to Element | | element.integrations.ui | string | `"https://scalar.vector.im/"` | UI to load when a user selects the Integrations button at the top-right of a room | @@ -170,8 +169,7 @@ A Helm chart to deploy a Matrix homeserver stack into Kubernetes | matrix.federation.ingress.annotations."nginx.ingress.kubernetes.io/configuration-snippet" | string | `"proxy_intercept_errors off;\n"` | required for the Nginx ingress provider. You can remove it if you use a different ingress provider | | matrix.federation.ingress.enabled | bool | `true` | | | matrix.federation.ingress.host | string | `"matrix-fed.chart-example.local"` | | -| matrix.federation.ingress.tls[0].hosts[0] | string | `"matrix-fed.chart-example.local"` | | -| matrix.federation.ingress.tls[0].secretName | string | `"federation-tls"` | | +| matrix.federation.ingress.tls.enabled | bool | `true` | | | matrix.federation.whitelist | list | `[]` | Allow list of domains to federate with (comment for all domains except blacklisted) | | matrix.homeserverExtra | object | `{}` | Contents will be appended to the end of the default configuration | | matrix.homeserverOverride | object | `{}` | Replace homeserver.yaml will be replaced with these contents | @@ -235,8 +233,7 @@ A Helm chart to deploy a Matrix homeserver stack into Kubernetes | synapse.ingress.annotations."nginx.ingress.kubernetes.io/configuration-snippet" | string | `"proxy_intercept_errors off;\n"` | This annotation is required for the Nginx ingress provider. You can remove it if you use a different ingress provider | | synapse.ingress.enabled | bool | `true` | | | synapse.ingress.host | string | `"matrix.chart-example.local"` | | -| synapse.ingress.tls[0].hosts[0] | string | `"matrix.chart-example.local"` | | -| synapse.ingress.tls[0].secretName | string | `"matrix-tls"` | | +| synapse.ingress.tls.enabled | bool | `true` | | | synapse.labels | object | `{"component":"synapse"}` | Labels to be appended to all Synapse resources | | synapse.metrics.annotations | bool | `true` | | | synapse.metrics.enabled | bool | `true` | Whether Synapse should capture metrics on an additional endpoint | diff --git a/charts/matrix/templates/element/ingress.yaml b/charts/matrix/templates/element/ingress.yaml index 86f9c01a..31e5e84f 100644 --- a/charts/matrix/templates/element/ingress.yaml +++ b/charts/matrix/templates/element/ingress.yaml @@ -10,25 +10,21 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: -{{- if .Values.element.ingress.tls }} +{{- if .Values.element.ingress.tls.enabled }} tls: - {{- range .Values.element.ingress.tls }} - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} + - {{ .Values.element.ingress.host }} + secretName: element-tls {{- end }} rules: - host: {{ .Values.element.ingress.host }} http: paths: - path: "/" + pathType: ImplementationSpecific backend: service: name: "{{ include "matrix.fullname" . }}-element" port: number: {{ .Values.element.service.port }} - pathType: ImplementationSpecific {{- end }} diff --git a/charts/matrix/templates/synapse/synapse-federation-ingress.yaml b/charts/matrix/templates/synapse/synapse-federation-ingress.yaml index 87c59c92..587dc563 100644 --- a/charts/matrix/templates/synapse/synapse-federation-ingress.yaml +++ b/charts/matrix/templates/synapse/synapse-federation-ingress.yaml @@ -10,25 +10,21 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: -{{- if .Values.matrix.federation.ingress.tls }} +{{- if .Values.matrix.federation.ingress.tls.enabled }} tls: - {{- range .Values.matrix.federation.ingress.tls }} - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} + - {{ .Values.matrix.federation.ingress.host }} + secretName: matrix-federation-tls {{- end }} rules: - host: {{ .Values.matrix.federation.ingress.host }} http: paths: - path: "/" + pathType: ImplementationSpecific backend: service: name: "{{ include "matrix.fullname" . }}-synapse-federation" port: number: {{ .Values.synapse.service.federation.port }} - pathType: ImplementationSpecific {{- end }} diff --git a/charts/matrix/templates/synapse/synapse-ingress.yaml b/charts/matrix/templates/synapse/synapse-ingress.yaml index 9230c2c7..0b1a2fad 100644 --- a/charts/matrix/templates/synapse/synapse-ingress.yaml +++ b/charts/matrix/templates/synapse/synapse-ingress.yaml @@ -1,4 +1,4 @@ -{{- if .Values.synapse.ingress.enabled -}} +{{- if .Values.synapse.ingress.enabled }} apiVersion: networking.k8s.io/v1 kind: Ingress metadata: @@ -10,25 +10,21 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: -{{- if .Values.synapse.ingress.tls }} - tls: - {{- range .Values.synapse.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} -{{- end }} rules: - host: {{ .Values.synapse.ingress.host }} http: paths: - path: "/" + pathType: ImplementationSpecific backend: service: name: "{{ include "matrix.fullname" . }}-synapse" port: number: {{ .Values.synapse.service.port }} - pathType: ImplementationSpecific +{{- if .Values.synapse.ingress.tls.enabled }} + tls: + - secretName: matrix-tls + hosts: + - {{ .Values.synapse.ingress.host }} +{{- end }} {{- end }} diff --git a/charts/matrix/values.yaml b/charts/matrix/values.yaml index db20f8e8..f6a74f38 100644 --- a/charts/matrix/values.yaml +++ b/charts/matrix/values.yaml @@ -77,9 +77,7 @@ matrix: ingress: enabled: true tls: - - secretName: federation-tls - hosts: - - matrix-fed.chart-example.local + enabled: true host: matrix-fed.chart-example.local annotations: # -- required for the Nginx ingress provider. You can remove it if you @@ -347,9 +345,7 @@ synapse: enabled: true host: matrix.chart-example.local tls: - - secretName: matrix-tls - hosts: - - matrix.chart-example.local + enabled: true annotations: # -- This annotation is required for the Nginx ingress provider. You can # remove it if you use a different ingress provider @@ -422,12 +418,9 @@ element: # -- enable ingress for element enabled: true tls: - - secretName: element-tls - # -- the hostname to use for element if using TLS certs - hosts: - - element.chart-example.local + enabled: true # -- the hostname to use for element - hosts: element.chart-example.local + host: element.chart-example.local annotations: # This annotation is required for the Nginx ingress provider. You can # remove it if you use a different ingress provider