{{- if .Values.bridge.signal.enabled }} --- apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: "{{ .Release.Name }}-mautrix-bridge-signal" spec: chart: spec: sourceRef: kind: GitRepository name: "wrenix-helm-charts" namespace: "flux-system" chart: "./mautrix-bridge" valuesFiles: - "./mautrix-bridge/values.yaml" - "./mautrix-bridge/values-signal.yaml" reconcileStrategy: "Revision" install: {{- toYaml .Values.commons.helm.release.install | nindent 4 }} test: {{- toYaml .Values.commons.helm.release.test | nindent 4 }} upgrade: {{- toYaml .Values.commons.helm.release.upgrade | nindent 4 }} driftDetection: {{- toYaml .Values.commons.helm.release.driftDetection | nindent 4 }} interval: 10m valuesFrom: - kind: Secret name: "{{ .Release.Name }}-mautrix-bridge-signal" valuesKey: as_token targetPath: config.appservice.as_token optional: true - kind: Secret name: "{{ .Release.Name }}-mautrix-bridge-signal" valuesKey: hs_token targetPath: config.appservice.hs_token optional: true - kind: Secret name: "{{ .Release.Name }}-doublepuppet" valuesKey: as_token_code targetPath: config.double_puppet.secrets.{{ include "mycloud-matrix.domain" . | replace "." "\\." }} values: config: database: type: postgres {{- $username := .Values.databases.bridge.signal.username }} {{- $password := .Values.databases.bridge.signal.password | default (derivePassword 1 "long" .Values.commons.masterPassword "matrix-bridge-signal" "database_password" | b64enc) }} {{- $host := .Values.databases.bridge.signal.host }} {{- $database := .Values.databases.bridge.signal.name }} uri: {{ printf "postgres://%s:%s@%s/%s?sslmode=disable" $username $password $host $database | quote }} homeserver: address: https://{{ include "mycloud-matrix.host.server" . }} domain: {{ include "mycloud-matrix.domain" . }} appservice: address: http://{{ .Release.Name }}-mautrix-bridge-signal:29328 bridge: relay: enabled: true permissions: "example.com": null "@admin:example.com": null {{ include "mycloud-matrix.domain" . | quote}}: user {{- range $user := .Values.bridge.signal.admins }} {{ $user | quote }}: admin {{- end }} matrix: sync_direct_chat_list: true double_puppet: servers: example.com: null {{ include "mycloud-matrix.domain" . }}: https://{{ include "mycloud-matrix.host.server" . }} secrets: example.com: null {{- if not .Values.server.authenticationService.enabled }} encryption: allow: true default: true require: true delete_keys: periodically_delete_expired: true {{- end }} registration: namespaces: users: - regex: {{ printf "^@signalbot:%s$" (include "mycloud-matrix.domain" . | replace "." "\\.") | quote }} exclusive: true - regex: {{ printf "^@signal_.*:%s$" (include "mycloud-matrix.domain" . | replace "." "\\.") | quote }} exclusive: true persistence: enabled: true size: {{ .Values.persistence.size }} {{- with .Values.persistence.storageClass | default .Values.commons.persistence.storageClass }} storageClass: {{ . }} {{- end }} {{- if .Values.commons.persistence.hostPath.enabled }} hostPath: "{{ .Values.commons.persistence.hostPath.prefix }}/matrix/bridge/signal" {{- end }} prometheus: servicemonitor: enabled: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }} labels: {{- toYaml .Values.commons.prometheus.monitor.labels | nindent 10 }} {{- end }}{{/* end-if .bridge.signal.enabled */}}