bstein/titan-iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

communication: fix MAS container entrypoint

Browse Source
This commit is contained in:
Brad Stein 2025-12-31 15:41:15 -03:00
parent 716059d9ac
commit d9c003ce5a
1 changed files with 20 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
services/communication/mas-deployment.yaml
View File

@ -28,33 +28,41 @@ spec:
- key: hardware - key: hardware
operator: In operator: In
values: ["rpi5","rpi4"] values: ["rpi5","rpi4"]
containers: initContainers:
- name: mas - name: render-config
image: ghcr.io/element-hq/matrix-authentication-service:0.20.0 image: alpine:3.20
command: ["/bin/sh","-c"] command: ["/bin/sh","-c"]
args: args:
- | - |
set -euo pipefail set -euo pipefail
umask 077 umask 077
DB_PASS_ESCAPED="$(printf '%s' "${MAS_DB_PASSWORD}" | sed 's/[\\/&]/\\&/g')" DB_PASS_ESCAPED="$(printf '%s' "${MAS_DB_PASSWORD}" | sed 's/[\\/&]/\\&/g')"
sed "s/@@MAS_DB_PASSWORD@@/${DB_PASS_ESCAPED}/g" /etc/mas/config.yaml > /var/run/mas-config.yaml sed "s/@@MAS_DB_PASSWORD@@/${DB_PASS_ESCAPED}/g" /etc/mas/config.yaml > /rendered/config.yaml
exec mas-cli server --config /var/run/mas-config.yaml
env: env:
- name: MAS_DB_PASSWORD - name: MAS_DB_PASSWORD
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
name: mas-db name: mas-db
key: password key: password
volumeMounts:
- name: config
mountPath: /etc/mas/config.yaml
subPath: config.yaml
readOnly: true
- name: rendered
mountPath: /rendered
readOnly: false
containers:
- name: mas
image: ghcr.io/element-hq/matrix-authentication-service:0.20.0
args: ["server","--config","/rendered/config.yaml"]
ports: ports:
- name: http - name: http
containerPort: 8080 containerPort: 8080
protocol: TCP protocol: TCP
volumeMounts: volumeMounts:
- name: config - name: rendered
mountPath: /etc/mas/config.yaml mountPath: /rendered
subPath: config.yaml
readOnly: true readOnly: true
- name: secrets - name: secrets
mountPath: /etc/mas/secrets mountPath: /etc/mas/secrets
@ -76,6 +84,8 @@ spec:
items: items:
- key: config.yaml - key: config.yaml
path: config.yaml path: config.yaml
- name: rendered
emptyDir: {}
- name: secrets - name: secrets
secret: secret:
secretName: mas-secrets-runtime secretName: mas-secrets-runtime