local matrix = import "lib/matrix-ng.libsonnet"; local irc = import "lib/appservice-irc.libsonnet"; local telegram = import "lib/appservice-telegram.libsonnet"; matrix { local app = self, local cfg = app.cfg, cfg+:: { namespace: "matrix", webDomain: "matrix.hackerspace.pl", serverName: "hackerspace.pl", oidc+: { enable: true, config+: { allow_existing_users: true, issuer: "https://sso.hackerspace.pl", client_id: "matrix", client_secret: { secretKeyRef: { name: "oauth2-cas-proxy", key: "oauth2_secret" } }, user_profile_method: "userinfo_endpoint", client_auth_method: "client_secret_post", }, }, }, riot+: { config+: { showLabsSettings: true, }, }, appservices: { "irc-freenode": irc.AppServiceIrc("freenode") { cfg+: { image: cfg.images.appserviceIRC, storageClassName: "waw-hdd-redundant-3", metadata: app.metadata("appservice-irc-freenode"), // TODO(q3k): add labels to blessed nodes nodeSelector: { "kubernetes.io/hostname": "bc01n02.hswaw.net", }, config+: { homeserver+: { url: "https://%s" % [cfg.webDomain], domain: "%s" % [cfg.serverName], }, ircService+: { servers+: { "irc.freenode.net"+: { ircClients+: { maxClients: 150, }, }, }, }, }, }, }, "telegram-prod": telegram.AppServiceTelegram("prod") { cfg+: { image: cfg.images.appserviceTelegram, storageClassName: cfg.storageClassName, metadata: app.metadata("appservice-telegram-prod"), config+: { homeserver+: { address: "https://%s" % [cfg.webDomain], domain: cfg.serverName, }, appservice+: { id: "telegram", }, telegram+: { api_id: (std.split(importstr "secrets/plain/appservice-telegram-prod-api-id", "\n"))[0], api_hash: (std.split(importstr "secrets/plain/appservice-telegram-prod-api-hash", "\n"))[0], bot_token: (std.split(importstr "secrets/plain/appservice-telegram-prod-token", "\n"))[0], }, bridge+: { permissions+: { "hackerspace.pl": "puppeting", "@q3k:hackerspace.pl": "admin", }, }, }, }, }, }, }