ben/cluster-state
1
0
Fork 0
Code Issues 1 Pull requests Activity Actions

chore(matrix): onboard to traefiks connect-enabled provider

Browse source
This commit is contained in:
Ben Martin 2025-04-15 20:38:01 +00:00
parent e80b0fe623
commit 449105050a
Signed by: ben
GPG key ID: 859A655FCD290E4A
1 changed files with 32 additions and 117 deletions
Download patch file Download diff file Expand all files Collapse all files

149
modules/matrix/jobspec.nomad.hcl
View file

@ -51,6 +51,19 @@ job "matrix" {
}
}
}
tags = [
"traefik.enable=true",
"traefik.http.routers.synapse.rule=Host(`matrix.brmartin.co.uk`)",
"traefik.http.routers.synapse.entrypoints=websecure",
"traefik.http.routers.synapse.middlewares=synapseHeaders,synapseBuffering",
"traefik.http.middlewares.synapseHeaders.headers.accesscontrolallowmethods=GET,POST,PUT,DELETE,OPTIONS",
"traefik.http.middlewares.synapseHeaders.headers.accesscontrolallowheaders=Origin,X-Requested-With,Content-Type,Accept,Authorization",
"traefik.http.middlewares.synapseHeaders.headers.accesscontrolalloworiginlist=*",
"traefik.http.middlewares.synapseBuffering.buffering.maxRequestBodyBytes=1000000000",
"traefik.consulcatalog.connect=true",
]
}
task "synapse" {
@ -320,6 +333,14 @@ job "matrix" {
}
}
}
tags = [
"traefik.enable=true",
"traefik.http.routers.mas.rule=Host(`mas.brmartin.co.uk`) || (Host(`matrix.brmartin.co.uk`) && PathRegexp(`^/_matrix/client/(.*)/(login|logout|refresh)`))",
"traefik.http.routers.mas.entrypoints=websecure",
"traefik.consulcatalog.connect=true",
]
}
task "mas" {
@ -387,6 +408,17 @@ job "matrix" {
}
}
}
tags = [
"traefik.enable=true",
"traefik.http.routers.matrixWellKnown.rule=PathPrefix(`/.well-known/matrix`)",
"traefik.http.routers.matrixWellKnown.entrypoints=websecure",
"traefik.http.routers.matrixWellKnown.middlewares=matrixWellKnown",
"traefik.http.middlewares.matrixWellKnown.headers.accesscontrolalloworiginlist=*",
"traefik.consulcatalog.connect=true",
]
}
task "nginx" {
@ -463,123 +495,6 @@ job "matrix" {
}
}
group "synapse-ingress-group" {
network {
mode = "bridge"
port "inbound" {
to = 8080
}
}
service {
port = "inbound"
tags = [
"traefik.enable=true",
"traefik.http.routers.synapse.rule=Host(`matrix.brmartin.co.uk`)",
"traefik.http.routers.synapse.entrypoints=websecure",
"traefik.http.routers.synapse.middlewares=synapseHeaders,synapseBuffering",
"traefik.http.middlewares.synapseHeaders.headers.accesscontrolallowmethods=GET,POST,PUT,DELETE,OPTIONS",
"traefik.http.middlewares.synapseHeaders.headers.accesscontrolallowheaders=Origin,X-Requested-With,Content-Type,Accept,Authorization",
"traefik.http.middlewares.synapseHeaders.headers.accesscontrolalloworiginlist=*",
"traefik.http.middlewares.synapseBuffering.buffering.maxRequestBodyBytes=1000000000",
]
connect {
gateway {
proxy {
config {
local_idle_timeout_ms = 120000
}
}
ingress {
listener {
port = 8080
protocol = "http"
service {
name = "matrix-synapse"
hosts = ["*"]
}
}
}
}
}
}
}
group "mas-ingress-group" {
network {
mode = "bridge"
port "inbound" {
to = 8080
}
}
service {
port = "inbound"
tags = [
"traefik.enable=true",
"traefik.http.routers.mas.rule=Host(`mas.brmartin.co.uk`) || (Host(`matrix.brmartin.co.uk`) && PathRegexp(`^/_matrix/client/(.*)/(login|logout|refresh)`))",
"traefik.http.routers.mas.entrypoints=websecure",
]
connect {
gateway {
ingress {
listener {
port = 8080
protocol = "http"
service {
name = "matrix-mas"
hosts = ["*"]
}
}
}
}
}
}
}
group "wellknown-ingress-group" {
network {
mode = "bridge"
port "inbound" {
to = 8080
}
}
service {
port = "inbound"
tags = [
"traefik.enable=true",
"traefik.http.routers.matrixWellKnown.rule=PathPrefix(`/.well-known/matrix`)",
"traefik.http.routers.matrixWellKnown.entrypoints=websecure",
"traefik.http.routers.matrixWellKnown.middlewares=matrixWellKnown",
"traefik.http.middlewares.matrixWellKnown.headers.accesscontrolalloworiginlist=*",
]
connect {
gateway {
ingress {
listener {
port = 8080
protocol = "http"
service {
name = "matrix-nginx"
hosts = ["*"]
}
}
}
}
}
}
}
group "element" {
network {