gmoker/element
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bump: v1.11.99 #7

Merged
ange merged 10 commits from devel into staging 2025-05-03 04:24:51 +00:00
Conversation 0 Commits 10 Files Changed 4 +28 -17
4 changed files with 28 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.env
View File

@ -1,2 +1,2 @@
PROD_URL=chat.gmoker.com PROD_URL=chat.gmoker.com
IMAGEAPP=docker.io/vectorim/element-web:v1.11.89 IMAGEAPP=docker.io/vectorim/element-web:v1.11.99

4
compose.yaml
View File

@ -4,6 +4,8 @@ services:
image: "$IMAGEAPP" image: "$IMAGEAPP"
restart: unless-stopped restart: unless-stopped
ports: ports:
- "8080:80" - "8080:8080"
environment:
- ELEMENT_WEB_PORT=8080
volumes: volumes:
- ./config/config.json:/app/config.json:ro - ./config/config.json:/app/config.json:ro

17
manifests/bin/deploy.sh
View File

@ -3,34 +3,33 @@ set -o pipefail
function kapply() { function kapply() {
for f in "$@"; do for f in "$@"; do
kubectl apply -f <(envsubst < "manifests/$f") kubectl apply --server-side \
-f<(envsubst "$(env | sed 's/^/$/')" < "manifests/$f")
done done
}; export -f kapply }; export -f kapply
function kcreatesec() { function kcreatesec() {
kubectl create secret generic --dry-run=client -oyaml "$@" | kubectl replace -f- kubectl apply --server-side \
-f<(kubectl create secret generic --dry-run=client -oyaml "$@")
}; export -f kcreatesec }; export -f kcreatesec
function kcreatecm() { function kcreatecm() {
kubectl create configmap --dry-run=client -oyaml "$@" | kubectl replace -f- kubectl apply --server-side \
-f<(kubectl create configmap --dry-run=client -oyaml "$@")
}; export -f kcreatecm }; export -f kcreatecm
function kgseckey() { function kgseckey() {
local sec="$1"; shift local sec="$1"; shift
local key="$1"; shift local key="$1"; shift
if ! kubectl get secret "$sec" -ojson | jq -re ".data.\"$key\" // empty" | base64 -d; then kubectl get secret "$sec" -ojson | jq -re ".data.\"$key\"" | base64 -d
return 1
fi
}; export -f kgseckey }; export -f kgseckey
function kgcmkey() { function kgcmkey() {
local cm="$1"; shift local cm="$1"; shift
local key="$1"; shift local key="$1"; shift
if ! kubectl get configmap "$cm" -ojson | jq -re ".data.\"$key\" // empty"; then kubectl get configmap "$cm" -ojson | jq -re ".data.\"$key\""
return 1
fi
}; export -f kgcmkey }; export -f kgcmkey

22
manifests/common/app.yaml
View File

@ -5,11 +5,18 @@ metadata:
name: app name: app
annotations: annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/cluster-issuer: letsencrypt-prod
gethomepage.dev/enabled: "true" nginx.ingress.kubernetes.io/configuration-snippet: |
gethomepage.dev/instance: "$GITHUB_REF_NAME" more_set_headers "X-Frame-Options: SAMEORIGIN";
gethomepage.dev/name: Element more_set_headers "X-Content-Type-Options: nosniff";
gethomepage.dev/icon: element more_set_headers "X-XSS-Protection: 1; mode=block";
gethomepage.dev/description: Secure collaboration and messaging more_set_headers "Content-Security-Policy: frame-ancestors 'self'";
if ($request_uri = /) {
more_set_headers "Cache-Control: no-cache";
}
if ($request_uri ~* ^/(config\..*\.json|i18n|home|sites|index\.html)$) {
more_set_headers "Cache-Control: no-cache, no-store, must-revalidate";
}
spec: spec:
ingressClassName: nginx ingressClassName: nginx
tls: tls:
@ -63,7 +70,10 @@ spec:
image: "$IMAGEAPP" image: "$IMAGEAPP"
ports: ports:
- name: http - name: http
containerPort: 80 containerPort: 8080
env:
- name: ELEMENT_WEB_PORT
value: "8080"
volumeMounts: volumeMounts:
- name: config - name: config
mountPath: /app/config.json mountPath: /app/config.json