4
0
Fork 2
mirror of https://gerrit.hackerspace.pl/hscloud synced 2025-02-11 03:26:45 +00:00

matrix/media-repo: bump version, add signing key

See
https://docs.t2bot.io/matrix-media-repo/v1.3.5/installation/signing-key/
for deployment/migration.

Deployed on matrix.hackerspace.pl

Change-Id: I2ca3d9f09af19bec05e91fce655bc95c9e926b9e
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1996
Reviewed-by: q3k <q3k@hackerspace.pl>
This commit is contained in:
informatic 2024-09-05 23:27:25 +02:00 committed by q3k
parent 88640acd68
commit 898830179d
2 changed files with 6 additions and 2 deletions

View file

@ -115,7 +115,7 @@ local coturn = import "./coturn.libsonnet";
appserviceIRC: "matrixdotorg/matrix-appservice-irc:release-0.35.1",
appserviceTelegram: "dock.mau.dev/mautrix/telegram:v0.15.1@sha256:e328dcf5893a3ec782212d9bb008e4f81ac3cf4e3c7abc3a49cf6b277749b32d",
wellKnown: "registry.k0.hswaw.net/q3k/wellknown:1611960794-adbf560851a46ad0e58b42f0daad7ef19535687c",
mediaRepo: "turt2live/matrix-media-repo:v1.3.4",
mediaRepo: "turt2live/matrix-media-repo:v1.3.7",
coturn: "coturn/coturn:4.6.2-r8-alpine",
},
@ -315,7 +315,7 @@ local coturn = import "./coturn.libsonnet";
image: cfg.images.mediaRepo,
homeservers: [
{name: cfg.serverName, csApi: "https://" + cfg.webDomain}
{name: cfg.serverName, csApi: "https://" + cfg.webDomain, signingKeyPath: "/secrets/mmr.signing-key"}
],
admins: cfg.admins,
@ -388,6 +388,8 @@ local coturn = import "./coturn.libsonnet";
for path in top.synapse.genericWorker.paths
] + [
{ path: "/", backend: top.riot.svc.name_port },
{ path: "/_matrix/client/v1/media/", backend: if cfg.mediaRepo.route then top.mediaRepo.svc.name_port else top.synapse.mediaWorker.svc.name_port },
{ path: "/_matrix/federation/v1/media/", backend: if cfg.mediaRepo.route then top.mediaRepo.svc.name_port else top.synapse.mediaWorker.svc.name_port },
{ path: "/_matrix/media/", backend: if cfg.mediaRepo.route then top.mediaRepo.svc.name_port else top.synapse.mediaWorker.svc.name_port },
{ path: "/_matrix/", backend: top.synapse.main.svc.name_port },

View file

@ -75,6 +75,7 @@ local kube = import "../../../kube/kube.libsonnet";
spec+: {
volumes_: {
config: kube.SecretVolume(top.configSecret),
secrets: { secret: { secretName: "media-repo" } },
tempdir: kube.EmptyDirVolume(),
},
containers_: {
@ -90,6 +91,7 @@ local kube = import "../../../kube/kube.libsonnet";
volumeMounts_: {
config: { mountPath: "/config" },
tempdir: { mountPath: "/tmp/mediarepo_s3_upload" },
secrets: { mountPath: "/secrets" },
},
readinessProbe: {
httpGet: {