wrenix/flux-charts
1
0
Fork 0
Code Issues 14 Pull requests 1 Projects Releases Packages Wiki Activity Actions

feat(mycloud-matrix): add bridge support for slack

Browse source
This commit is contained in:
WrenIX 2024-10-14 12:09:07 +02:00
parent 37ccf5b217
commit 1599641889
Signed by: wrenix
GPG key ID: 7AFDB012974B1BB5
6 changed files with 337 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
base-values/mycloud-matrix-slack.yaml Normal file
View file

@ -0,0 +1,18 @@
##
# commons are from mycloud-core
##
components:
mycloud-services:
# patch mycloud-core to get another database
values:
databases:
matrix-bridge-slack:
type: postgresql
mycloud-matrix:
# patch mycloud-core to get another database
values:
bridge:
slack:
enabled: true

161
mycloud-matrix/README.adoc
View file

@ -225,6 +225,46 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat
| `false` | `false`
| |
| bridge.slack.admins
| list
| `[]`
|
| bridge.slack.enabled
| bool
| `false`
|
| commons.networkpolicies.enabled
| bool
| `false`
|
| commons.networkpolicies.from.ingress
| list
| `[]`
|
| commons.networkpolicies.from.metrics
| list
| `[]`
|
| commons.networkpolicies.to.dns
| list
| `[]`
|
| commons.networkpolicies.to.matrix
| list
| `[]`
|
| commons.networkpolicies.to.smtp
| list
| `[]`
|
| databases.authenticationService.host | databases.authenticationService.host
| string | string
| `"mycloud-services-postgresql"` | `"mycloud-services-postgresql"`
@ -265,6 +305,26 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat
| `"matrix-bridge-signal"` | `"matrix-bridge-signal"`
| |
| databases.bridge.slack.host
| string
| `"mycloud-services-postgresql"`
| default is from mycloud-services
| databases.bridge.slack.name
| string
| `"matrix-bridge-slack"`
|
| databases.bridge.slack.password
| string
| `nil`
| generated by .commons.masterPassword (equal to mycloud-services)
| databases.bridge.slack.username
| string
| `"matrix-bridge-slack"`
|
| databases.server.host | databases.server.host
| string | string
| `"mycloud-services-postgresql"` | `"mycloud-services-postgresql"`
@ -306,8 +366,8 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat
| |
| ingress.authenticationService.annotations | ingress.authenticationService.annotations
| string | object
| `nil` | `{}`
| |
| ingress.authenticationService.host | ingress.authenticationService.host
@ -316,8 +376,23 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat
| default: auth.matrix.(.commons.ingress.domain) | default: auth.matrix.(.commons.ingress.domain)
| ingress.element.annotations | ingress.element.annotations
| string | object
| `nil` | `{}`
|
| ingress.element.config.features.feature_location_share_live
| bool
| `true`
|
| ingress.element.config.features.feature_new_room_decoration_ui
| bool
| `true`
|
| ingress.element.config.features.feature_notifications
| bool
| `true`
| |
| ingress.element.enabled | ingress.element.enabled
@ -330,9 +405,44 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat
| `nil` | `nil`
| default: element.(.commons.ingress.domain) | default: element.(.commons.ingress.domain)
| ingress.hydrogen.annotations | ingress.elementCall.annotations
| object
| `{}`
|
| ingress.elementCall.enabled
| bool
| `false`
| deploy element-call
| ingress.elementCall.host
| string | string
| `nil` | `nil`
| default: call.(.commons.ingress.domain)
| ingress.elementCall.livekitJWT.host
| string
| `nil`
| default: call.(.commons.ingress.domain)
| ingress.elementCall.livekitJWT.livekit.host
| string
| `nil`
| default: .ingress.livekit.host
| ingress.elementCall.livekitJWT.livekit.key
| string
| `nil`
| default: .livekit.key
| ingress.elementCall.livekitJWT.livekit.secret
| string
| `nil`
| default: .livekit.secret
| ingress.hydrogen.annotations
| object
| `{}`
| |
| ingress.hydrogen.enabled | ingress.hydrogen.enabled
@ -345,9 +455,24 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat
| `nil` | `nil`
| default: hydrogen.(.commons.ingress.domain) | default: hydrogen.(.commons.ingress.domain)
| ingress.server.annotations | ingress.livekit.annotations
| object
| `{}`
|
| ingress.livekit.enabled
| bool
| `false`
|
| ingress.livekit.host
| string | string
| `nil` | `nil`
| default: sfu.call.(.commons.ingress.domain)
| ingress.server.annotations
| object
| `{}`
| |
| ingress.server.host | ingress.server.host
@ -355,9 +480,14 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat
| `nil` | `nil`
| default: matrix.(.commons.ingress.domain) | default: matrix.(.commons.ingress.domain)
| ingress.slidingSync.annotations | ingress.server.wellknown.client."m.tile_server".map_style_url
| string | string
| `nil` | `"https://api.maptiler.com/maps/streets/style.json?key=fU3vlMsMn4Jb6dnEIFsx"`
|
| ingress.slidingSync.annotations
| object
| `{}`
| |
| ingress.slidingSync.host | ingress.slidingSync.host
@ -375,6 +505,21 @@ image::https://img.shields.io/badge/Version-application-informational?style=flat
| `0` | `0`
| |
| livekit.enabled
| bool
| `false`
| deploy livekit for usage with element-call
| livekit.key
| string
| `"dev"`
| key for api (kind of username)
| livekit.secret
| string
| `nil`
| secret for api a kind of password (default: generated by .commons.masterPassword)
| persistence.size | persistence.size
| string | string
| `"16Gi"` | `"16Gi"`

133
mycloud-matrix/templates/bridge/slack.yaml Normal file
View file

@ -0,0 +1,133 @@
{{- if .Values.bridge.slack.enabled }}
---
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
name: "{{ .Release.Name }}-mautrix-slack"
spec:
chart:
spec:
sourceRef:
kind: GitRepository
name: "wrenix-helm-charts"
namespace: "flux-system"
chart: "./mautrix-signal"
reconcileStrategy: "Revision"
install:
{{- toYaml .Values.commons.helm.release.install | nindent 4 }}
test:
{{- toYaml .Values.commons.helm.release.test | nindent 4 }}
upgrade:
{{- toYaml .Values.commons.helm.release.upgrade | nindent 4 }}
driftDetection:
{{- toYaml .Values.commons.helm.release.driftDetection | nindent 4 }}
interval: 10m
valuesFrom:
- kind: Secret
name: "{{ .Release.Name }}-mautrix-slack-mautrix-signal"
valuesKey: as_token
targetPath: config.appservice.as_token
optional: true
- kind: Secret
name: "{{ .Release.Name }}-mautrix-slack-mautrix-signal"
valuesKey: hs_token
targetPath: config.appservice.hs_token
optional: true
- kind: Secret
name: "{{ .Release.Name }}-doublepuppet"
valuesKey: as_token_code
targetPath: config.double_puppet.secrets.{{ include "mycloud-matrix.domain" . | replace "." "\\." }}
values:
image:
repository: "mautrix/slack"
tag: "v0.1.1"
config:
database:
type: postgres
{{- $username := .Values.databases.bridge.slack.username }}
{{- $password := .Values.databases.bridge.slack.password | default (derivePassword 1 "long" .Values.commons.masterPassword "matrix-bridge-slack" "database_password" | b64enc) }}
{{- $host := .Values.databases.bridge.slack.host }}
{{- $database := .Values.databases.bridge.slack.name }}
uri: {{ printf "postgres://%s:%s@%s/%s?sslmode=disable" $username $password $host $database | quote }}
homeserver:
address: https://{{ include "mycloud-matrix.host.server" . }}
domain: {{ include "mycloud-matrix.domain" . }}
appservice:
address: http://{{ .Release.Name }}-mautrix-slack-mautrix-signal:29328
id: slack
{{`
username_template: "slack_{{.}}"
`}}
bot:
avatar: "mxc://maunium.net/pVtzLmChZejGxLqmXtQjFxem"
username: slackbot
displayname: "Slack bridge bot"
bridge:
personal_filtering_spaces: true
command_prefix: "!slack"
relay:
enabled: true
permissions:
"example.com": null
"@admin:example.com": null
{{ include "mycloud-matrix.domain" . | quote}}: user
{{- range $user := .Values.bridge.slack.admins }}
{{ $user | quote }}: admin
{{- end }}
management_room_text:
welcome: "Hello, Im a Slack bridge bot."
matrix:
sync_direct_chat_list: true
double_puppet:
servers:
example.com: null
{{ include "mycloud-matrix.domain" . }}: https://{{ include "mycloud-matrix.host.server" . }}
secrets:
example.com: null
{{- if not .Values.server.authenticationService.enabled }}
encryption:
allow: true
default: true
require: true
delete_keys:
periodically_delete_expired: true
{{- end }}
signal: null
{{`
slack:
displayname_template: '{{or .Profile.DisplayName .Profile.RealName .Name}}{{if .IsBot}} (bot){{end}}'
channel_name_template: '{{if and .IsChannel (not .IsPrivate)}}#{{end}}{{.Name}}{{if .IsNoteToSelf}} (you){{end}}'
team_name_template: "{{ .Name }}"
custom_emoji_reactions: true
workspace_avatar_in_rooms: false
participant_sync_count: 5
participant_sync_only_on_create: true
mute_channels_by_default: false
backfill:
conversation_count: -1
`}}
registration:
namespaces:
users:
- regex: {{ printf "^@slackbot:%s$" (include "mycloud-matrix.domain" . | replace "." "\\.") | quote }}
exclusive: true
- regex: {{ printf "^@slack_.*:%s$" (include "mycloud-matrix.domain" . | replace "." "\\.") | quote }}
exclusive: true
persistence:
enabled: true
size: {{ .Values.persistence.size }}
{{- with .Values.persistence.storageClass | default .Values.commons.persistence.storageClass }}
storageClass: {{ . }}
{{- end }}
{{- if .Values.commons.persistence.hostPath.enabled }}
hostPath: "{{ .Values.commons.persistence.hostPath.prefix }}/matrix/bridge/slack"
{{- end }}
prometheus:
servicemonitor:
enabled: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }}
labels:
{{- toYaml .Values.commons.prometheus.monitor.labels | nindent 10 }}
{{- end }}{{/* end-if .bridge.slack.enabled */}}

2
mycloud-matrix/templates/server/doublepuppet.yaml
View file

@ -1,4 +1,4 @@
{{- if or .Values.bridge.signal.enabled }} {{- if or .Values.bridge.signal.enabled .Values.bridge.slack.enabled }}
--- ---
{{ $secretName := printf "%s-doublepuppet" .Release.Name }} {{ $secretName := printf "%s-doublepuppet" .Release.Name }}
{{- $asToken := "" }} {{- $asToken := "" }}

28
mycloud-matrix/templates/server/synapse.yaml
View file

@ -46,12 +46,15 @@ spec:
enable_search: false enable_search: false
dynamic_thumbnails: true dynamic_thumbnails: true
{{- with .Values.bridge }} {{- with .Values.bridge }}
{{- if or .signal.enabled }} {{- if or .signal.enabled .slack.enabled }}
app_service_config_files: app_service_config_files:
- "/etc/appservices/doublepuppet.yaml" - "/etc/appservices/doublepuppet.yaml"
{{- if .signal.enabled }} {{- if .signal.enabled }}
- "/etc/appservices/bridge-signal.yaml" - "/etc/appservices/bridge-signal.yaml"
{{- end }}{{/* end-if .signale.enabled */}} {{- end }}{{/* end-if .signal.enabled */}}
{{- if .slack.enabled }}
- "/etc/appservices/bridge-slack.yaml"
{{- end }}{{/* end-if .slack.enabled */}}
{{- end }}{{/* end-if .*.enabled */}} {{- end }}{{/* end-if .*.enabled */}}
{{- end }}{{/* end-with .bridge*/}} {{- end }}{{/* end-with .bridge*/}}
extraSecrets: extraSecrets:
@ -143,7 +146,7 @@ spec:
memory: "4Gi" memory: "4Gi"
extraVolumeMounts: extraVolumeMounts:
{{- with .Values.bridge }} {{- with .Values.bridge }}
{{- if or .signal.enabled }} {{- if or .signal.enabled .slack.enabled }}
- name: doublepuppet - name: doublepuppet
mountPath: "/etc/appservices/doublepuppet.yaml" mountPath: "/etc/appservices/doublepuppet.yaml"
subPath: "doublepuppet.yaml" subPath: "doublepuppet.yaml"
@ -151,12 +154,17 @@ spec:
- name: bridge-signal - name: bridge-signal
mountPath: "/etc/appservices/bridge-signal.yaml" mountPath: "/etc/appservices/bridge-signal.yaml"
subPath: "bridge-signal.yaml" subPath: "bridge-signal.yaml"
{{- end }}{{/* end-if .signale.enabled */}} {{- end }}{{/* end-if .signal.enabled */}}
{{- if .slack.enabled }}
- name: bridge-slack
mountPath: "/etc/appservices/bridge-slack.yaml"
subPath: "bridge-slack.yaml"
{{- end }}{{/* end-if .slack.enabled */}}
{{- end }}{{/* end-if .*.enabled */}} {{- end }}{{/* end-if .*.enabled */}}
{{- end }}{{/* end-with .bridge*/}} {{- end }}{{/* end-with .bridge*/}}
extraVolumes: extraVolumes:
{{- with .Values.bridge }} {{- with .Values.bridge }}
{{- if or .signal.enabled }} {{- if or .signal.enabled .slack.enabled }}
- name: doublepuppet - name: doublepuppet
secret: secret:
secretName: "{{ $.Release.Name }}-doublepuppet" secretName: "{{ $.Release.Name }}-doublepuppet"
@ -170,7 +178,15 @@ spec:
items: items:
- key: "registration.yaml" - key: "registration.yaml"
path: "bridge-signal.yaml" path: "bridge-signal.yaml"
{{- end }}{{/* end-if .signale.enabled */}} {{- end }}{{/* end-if .signal.enabled */}}
{{- if .slack.enabled }}
- name: bridge-slack
secret:
secretName: "{{ $.Release.Name }}-mautrix-slack-mautrix-signal"
items:
- key: "registration.yaml"
path: "bridge-slack.yaml"
{{- end }}{{/* end-if .slack.enabled */}}
{{- end }}{{/* end-if .*.enabled */}} {{- end }}{{/* end-if .*.enabled */}}
{{- end }}{{/* end-with .bridge*/}} {{- end }}{{/* end-with .bridge*/}}

10
mycloud-matrix/values.yaml
View file

@ -164,6 +164,9 @@ bridge:
signal: signal:
enabled: false enabled: false
admins: [] admins: []
slack:
enabled: false
admins: []
livekit: livekit:
# -- deploy livekit for usage with element-call # -- deploy livekit for usage with element-call
@ -257,6 +260,13 @@ databases:
username: matrix-bridge-signal username: matrix-bridge-signal
# -- generated by .commons.masterPassword (equal to mycloud-services) # -- generated by .commons.masterPassword (equal to mycloud-services)
password: password:
slack:
# -- default is from mycloud-services
host: mycloud-services-postgresql
name: matrix-bridge-slack
username: matrix-bridge-slack
# -- generated by .commons.masterPassword (equal to mycloud-services)
password:
persistence: persistence:
storageClass: storageClass: