element-hq · JoshuaHassler · Feb 16, 2026 · Feb 18, 2026 · Feb 18, 2026 · Feb 26, 2026
@@ -0,0 +1,41 @@
+{
+  "type": "object",
+  "properties": {
+    "existingGateways": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "required": [
+          "name"
+        ],
+        "properties": {
+          "name": { "type": "string" },
+          "namespace": { "type": "string" },
+          "group": { "type": "string" },
+          "kind": { "type": "string" },
+          "sectionName": { "type": "string" },
+          "port": { "type": "integer" }
+        }
+      },
+      "minItems": 1
+    },
+    "host": {
+      "type": "string"
+    },
+    "annotations": {
+      "type": "object",
+      "additionalProperties": {
+        "type": "string"
+      }
+    },
+    "tlsEnabled": {
+      "type": "boolean"
+    },
+    "tlsSecret": {
+      "type": "string"
+    },
+    "service": {
+      "$ref": "file://common/service.json"
+    }
+  }
+}
@@ -0,0 +1,72 @@
+{
+  "type": "object",
+  "properties": {
+    "existingGateways": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "required": [
+          "name"
+        ],
+        "properties": {
+          "name": { "type": "string" },
+          "namespace": { "type": "string" },
+          "group": { "type": "string" },
+          "kind": { "type": "string" },
+          "sectionName": { "type": "string" },
+          "port": { "type": "integer" }
+        }
+      },
+      "minItems": 1
+    },
+    "annotations": {
+      "type": "object",
+      "additionalProperties": {
+        "type": "string"
+      }
+    },
+    "tlsEnabled": {
+      "type": "boolean"
+    },
+    "tlsSecret": {
+      "type": "string"
+    },
+    "service": {
+      "type": "object",
+      "required": [
+        "type",
+        "internalTrafficPolicy"
+      ],
+      "properties": {
+        "annotations": {
+          "type": "object",
+          "additionalProperties": {
+            "type": "string"
+          }
+        },
+        "type": {
+          "type": "string",
+          "enum": [
+            "ClusterIP",
+            "NodePort",
+            "LoadBalancer"
+          ]
+        },
+        "internalTrafficPolicy": {
+          "type": "string",
+          "enum": [
+            "Cluster",
+            "Local"
+          ]
+        },
+        "externalTrafficPolicy": {
+          "type": "string",
+          "enum": [
+            "Cluster",
+            "Local"
+          ]
+        }
+      }
+    }
+  }
+}
@@ -0,0 +1,38 @@
+{
+  "type": "object",
+  "properties": {
+    "existingGateways": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "required": [
+          "name"
+        ],
+        "properties": {
+          "name": { "type": "string" },
+          "namespace": { "type": "string" },
+          "group": { "type": "string" },
+          "kind": { "type": "string" },
+          "sectionName": { "type": "string" },
+          "port": { "type": "integer" }
+        }
+      },
+      "minItems": 1
+    },
+    "annotations": {
+      "type": "object",
+      "additionalProperties": {
+        "type": "string"
+      }
+    },
+    "tlsEnabled": {
+      "type": "boolean"
+    },
+    "tlsSecret": {
+      "type": "string"
+    },
+    "service": {
+      "$ref": "file://common/service.json"
+    }
+  }
+}
@@ -28,6 +28,7 @@ certManager: {}
 # serverName: ess.localhost
 {{ labels(global=true) }}
 {{ ingress(global=true) }}
+{{ routes(global=true, withHost=false) }}
 
 ## Common image properties that are applied as defaults to all components.
 image:
@@ -54,6 +55,21 @@ clusterDomain: "cluster.local."
 networking:
   ## Whether components should attempt to bind IPv4 (ipv4) /IPv6 (ipv6) / both (dual-stack)
   ipFamily: dual-stack
+
+## Gateway configuration options
+gateway:
+  ## Create a default gateway for all routes
+  create: false
+
+  ## Set the gateway class to use. If not set it will use the cluster default
+  # className: ""
+
+  ## Additional annotations to add to the gateway resource
+  annotations: {}
+
+## Set the default inbound traffic handler type. Options are ingress | routes | none
+inboundTrafficHandler: ingress
+
 {%- endmacro %}
 
 {% macro containersSecurityContext(key='containersSecurityContext') %}
@@ -170,9 +186,6 @@ networking:
   ## Annotations to be added to {{ 'all Ingresses. Will be merged with component specific Ingress annotations' if global else 'this Ingress' }}
   annotations: {}
 
-  ## What Ingress Class Name that should be used for {{ 'all Ingresses by default' if global else 'this Ingress' }}
-  # className:
-
   ## Disable TLS configuration by setting it to false
   tlsEnabled: true
 
@@ -199,9 +212,62 @@ networking:
   #   externalIPs: []
   service: {}
 {%- endif %}
+
+  ## What Ingress Class Name that should be used for {{ 'all Ingresses by default' if global else 'this Ingress' }}
+  # className:
+
   ## If set, some tweaks will be applied automatically to ingresses based on the controller type here.
   ## This can be set to `ingress-nginx`.
   # controllerType:
+
+
+{%- endmacro %}
+
+{% macro routes(global=false, withHost=true, key='routes') %}
+{%- if  global %}
+## How all routes should be constructed by default, unless overridden
+{%- else %}
+## How this component's routes should be constructed
+{%- endif %}
+{{ key }}:
+{%- if withHost %}
+  ## What hostname should be used for this component
+  # host:
+{% endif %}
+  ## Annotations to be added to {{ 'all routes. Will be merged with component specific route annotations' if global else 'this route' }}
+  annotations: {}
+
+  ## Disable TLS configuration by setting it to false
+  tlsEnabled: true
+
+  ## The name of the Secret containing the TLS certificate and the key that should be used for {{ 'all routes by default' if global else 'this route' }}
+  # tlsSecret:
+
+  ## How the {{ 'Services' if global else 'Service' }} behind {{ 'all routes' if global else 'this route' }} is constructed{{ ' by default' if global else '' }}
+{%- if global %}
+  service:
+    type: ClusterIP
+    ## Annotations to be added to {{ 'all routes services. Will be merged with component specific route services annotations' if global else 'this route' }}
+    annotations: {}
+    # External traffic policy will be configured on services of type `NodePort` and `LoadBalancer`
+    externalTrafficPolicy: Cluster
+    internalTrafficPolicy: Cluster
+{%- else %}
+  # service:
+  #   type: ClusterIP
+  #   annotations: {}
+  #   # External traffic policy will be configured on services of type `NodePort` and `LoadBalancer`
+  #   externalTrafficPolicy: Cluster
+  #   internalTrafficPolicy: Cluster
+  #   # External IPs addresses of this service.
+  #   externalIPs: []
+  service: {}
+{%- endif %}
+
+  ## List of existing Gateway parent refs to connect the routes to.
+  ## More info: https://gateway-api.sigs.k8s.io/reference/spec/#parentreference
+  # existingGateways: {}
+
 {%- endmacro %}
 
 {% macro labels(global=false, key='labels') %}

@@ -10,12 +10,23 @@
       "minimum": 1,
       "type": "integer"
     },
+    "inboundTrafficHandler": {
+      "type": "string",
+      "enum": [
+        "ingress",
+        "routes",
+        "none"
+      ]
+    },
     "image": {
       "$ref": "file://common/image.json"
     },
     "ingress": {
       "$ref": "file://common/ingress.json"
     },
+    "routes": {
+      "$ref": "file://common/routes.json"
+    },
     "labels": {
       "$ref": "file://common/labels.json"
     },

@@ -14,6 +14,7 @@ enabled: true
 replicas: 1
 {{- sub_schema_values.image(registry='oci.element.io', repository='element-admin', tag='0.1.10') -}}
 {{- sub_schema_values.ingress() -}}
+{{- sub_schema_values.routes() -}}
 {{- sub_schema_values.labels() -}}
 {{- sub_schema_values.workloadAnnotations() -}}
 {{- sub_schema_values.extraEnv() -}}

@@ -16,6 +16,14 @@
       "minimum": 1,
       "type": "integer"
     },
+    "inboundTrafficHandler": {
+      "type": "string",
+      "enum": [
+        "ingress",
+        "routes",
+        "none"
+      ]
+    },
     "extraVolumes": {
       "$ref": "file://common/extraVolumes.json"
     },
@@ -31,6 +39,9 @@
     "ingress": {
       "$ref": "file://common/ingress.json"
     },
+    "routes": {
+      "$ref": "file://common/routes.json"
+    },
     "labels": {
       "$ref": "file://common/labels.json"
     },

@@ -22,6 +22,7 @@ additional: {}
 replicas: 1
 {{- sub_schema_values.image(registry='oci.element.io', repository='element-web', tag='v1.12.12') -}}
 {{- sub_schema_values.ingress() -}}
+{{- sub_schema_values.routes() -}}
 {{- sub_schema_values.labels() -}}
 {{- sub_schema_values.workloadAnnotations() -}}
 {{- sub_schema_values.extraEnv() -}}

@@ -45,12 +45,23 @@
         }
       }
     },
+    "inboundTrafficHandler": {
+      "type": "string",
+      "enum": [
+        "ingress",
+        "routes",
+        "none"
+      ]
+    },
     "additional": {
       "$ref": "file://common/additional.json"
     },
     "ingress": {
       "$ref": "file://common/ingress.json"
     },
+    "routes": {
+      "$ref": "file://common/routes.json"
+    },
     "image": {
       "$ref": "file://common/image.json"
     },

@@ -24,6 +24,7 @@ logging:
 {{ sub_schema_values.credential("Hookshot passkey used to encrypt stored tokens.", "passkey", initIfAbsent=True) }}
 {{ sub_schema_values.redis() }}
 {{ sub_schema_values.ingress() }}
+{{ sub_schema_values.routes() }}
 
 ## Additional configuration to provide to Hookshot.
 ## You can, if you whish, override it in the additional config.

@@ -47,6 +47,14 @@
         }
       }
     },
+    "inboundTrafficHandler": {
+      "type": "string",
+      "enum": [
+        "ingress",
+        "routes",
+        "none"
+      ]
+    },
     "replicas": {
       "type": "integer"
     },
@@ -68,6 +76,9 @@
     "ingress": {
       "$ref": "file://common/ingress.json"
     },
+    "routes": {
+      "$ref": "file://common/routes.json"
+    },
     "labels": {
       "$ref": "file://common/labels.json"
     },

@@ -24,6 +24,7 @@ restrictRoomCreationToLocalUsers: true
 
 replicas: 1
 {{- sub_schema_values.ingress() }}
+{{- sub_schema_values.routes() }}
 {{- sub_schema_values.image(registry='ghcr.io', repository='element-hq/lk-jwt-service', tag='0.4.1') }}
 {{- sub_schema_values.labels() }}
 {{- sub_schema_values.workloadAnnotations() }}