mirror of
https://forge.liiib.re/indiehost/libre.sh/libre.sh.git
synced 2024-12-28 14:46:41 +00:00
fix(synapse/mmr): add its own ingress for mmr path with vhost, fixes sso
This commit is contained in:
parent
9214855f40
commit
5ad4a482ee
2 changed files with 49 additions and 13 deletions
|
@ -107,6 +107,11 @@ func (r *SynapseReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct
|
||||||
return ctrl.Result{}, err
|
return ctrl.Result{}, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
err = r.reconcileMMRIngress(ctx, &synapse)
|
||||||
|
if err != nil {
|
||||||
|
return ctrl.Result{}, err
|
||||||
|
}
|
||||||
|
|
||||||
err = r.reconcilePostgres(ctx, &synapse, &resources)
|
err = r.reconcilePostgres(ctx, &synapse, &resources)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return ctrl.Result{}, err
|
return ctrl.Result{}, err
|
||||||
|
|
|
@ -91,25 +91,12 @@ func (r *SynapseReconciler) reconcileIngress(ctx context.Context, synapse *matri
|
||||||
ingress.Annotations = make(map[string]string)
|
ingress.Annotations = make(map[string]string)
|
||||||
}
|
}
|
||||||
ingress.Annotations["kubernetes.io/tls-acme"] = "true"
|
ingress.Annotations["kubernetes.io/tls-acme"] = "true"
|
||||||
ingress.Annotations["nginx.ingress.kubernetes.io/upstream-vhost"] = synapse.Spec.ServerName
|
|
||||||
pathType := netv1.PathTypePrefix
|
pathType := netv1.PathTypePrefix
|
||||||
ingress.Spec.Rules = []netv1.IngressRule{{
|
ingress.Spec.Rules = []netv1.IngressRule{{
|
||||||
Host: synapse.Spec.Host,
|
Host: synapse.Spec.Host,
|
||||||
IngressRuleValue: netv1.IngressRuleValue{
|
IngressRuleValue: netv1.IngressRuleValue{
|
||||||
HTTP: &netv1.HTTPIngressRuleValue{
|
HTTP: &netv1.HTTPIngressRuleValue{
|
||||||
Paths: []netv1.HTTPIngressPath{
|
Paths: []netv1.HTTPIngressPath{
|
||||||
{
|
|
||||||
PathType: &pathType,
|
|
||||||
Path: "/_matrix/media",
|
|
||||||
Backend: netv1.IngressBackend{
|
|
||||||
Service: &netv1.IngressServiceBackend{
|
|
||||||
Name: lshr.GetResourceName(synapse, "media-repo"),
|
|
||||||
Port: netv1.ServiceBackendPort{
|
|
||||||
Name: "http",
|
|
||||||
},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
PathType: &pathType,
|
PathType: &pathType,
|
||||||
Path: "/.well-known/matrix/",
|
Path: "/.well-known/matrix/",
|
||||||
|
@ -188,3 +175,47 @@ func (r *SynapseReconciler) reconcileIngress(ctx context.Context, synapse *matri
|
||||||
return controllerutil.SetControllerReference(synapse, &ingress, r.Scheme())
|
return controllerutil.SetControllerReference(synapse, &ingress, r.Scheme())
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (r *SynapseReconciler) reconcileMMRIngress(ctx context.Context, synapse *matrixv1alpha1.Synapse) error {
|
||||||
|
var ingress netv1.Ingress
|
||||||
|
lshr.SetResourceNamespacedName(synapse, &ingress, "mmr")
|
||||||
|
return lshr.CreateOrPatch(ctx, r, &ingress, func() error {
|
||||||
|
if ingress.Annotations[lshmeta.SuspendAnnotation] == "true" {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
lshr.ApplyLabels(synapse, &ingress, nil)
|
||||||
|
if ingress.Annotations == nil {
|
||||||
|
ingress.Annotations = make(map[string]string)
|
||||||
|
}
|
||||||
|
ingress.Annotations["kubernetes.io/tls-acme"] = "true"
|
||||||
|
ingress.Annotations["nginx.ingress.kubernetes.io/upstream-vhost"] = synapse.Spec.ServerName
|
||||||
|
pathType := netv1.PathTypePrefix
|
||||||
|
ingress.Spec.Rules = []netv1.IngressRule{{
|
||||||
|
Host: synapse.Spec.Host,
|
||||||
|
IngressRuleValue: netv1.IngressRuleValue{
|
||||||
|
HTTP: &netv1.HTTPIngressRuleValue{
|
||||||
|
Paths: []netv1.HTTPIngressPath{
|
||||||
|
{
|
||||||
|
PathType: &pathType,
|
||||||
|
Path: "/_matrix/media",
|
||||||
|
Backend: netv1.IngressBackend{
|
||||||
|
Service: &netv1.IngressServiceBackend{
|
||||||
|
Name: lshr.GetResourceName(synapse, "media-repo"),
|
||||||
|
Port: netv1.ServiceBackendPort{
|
||||||
|
Name: "http",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
ingress.Spec.TLS = []netv1.IngressTLS{{
|
||||||
|
SecretName: ingress.Name + "-tls",
|
||||||
|
Hosts: []string{synapse.Spec.Host},
|
||||||
|
}}
|
||||||
|
return controllerutil.SetControllerReference(synapse, &ingress, r.Scheme())
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue