flux-charts/mycloud-matrix/templates/server/synapse.yaml


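{{- /*
  Flux HelmRelease that installs the matrix-synapse chart from the
  "wrenix-helm-charts" GitRepository. Rendered only when
  .Values.server.software is "synapse".
*/ -}}
{{- if (eq .Values.server.software "synapse") }}
---
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
  name: "{{ .Release.Name }}-synapse"
spec:
  chart:
    spec:
      sourceRef:
        kind: GitRepository
        name: "wrenix-helm-charts"
        namespace: "flux-system"
      chart: "./matrix-synapse"
      reconcileStrategy: "Revision"
  # install/test/upgrade/driftDetection are copied from the shared commons
  # values so every release of this umbrella chart behaves the same way.
  install:
    {{- toYaml .Values.commons.helm.release.install | nindent 4 }}
  test:
    {{- toYaml .Values.commons.helm.release.test | nindent 4 }}
  upgrade:
    {{- toYaml .Values.commons.helm.release.upgrade | nindent 4 }}
  driftDetection:
    {{- toYaml .Values.commons.helm.release.driftDetection | nindent 4 }}
  interval: 10m
  # Everything under `values` is stored verbatim in this HelmRelease object,
  # including smtp_pass, client_secret and the database password below. Read
  # access to HelmReleases in this namespace therefore exposes them; Flux's
  # spec.valuesFrom can source such keys from a Secret instead.
  values:
    {{- $domain := .Values.server.host | default .Values.commons.ingress.domain }}
    {{- $host := .Values.ingress.server.host | default (printf "matrix.%s" .Values.commons.ingress.domain) }}
    serverName: {{ $domain }}
    publicServerName: {{ $host }}
    config:
      # No open self-registration.
      enableRegistration: false
      useStructuredLogging: true
    extraConfig:
      use_presence: false
      enable_search: false
      dynamic_thumbnails: true
    extraSecrets:
      email:
        smtp_host: {{ .Values.server.mail.host | default .Values.commons.mail.host | quote }}
        smtp_port: 587
        # require_transport_security is only emitted when commons.mail.use_tls
        # is set. Without it Synapse uses STARTTLS only if the server offers
        # it, so smtp_user/smtp_pass are not guaranteed an encrypted channel.
        {{- if .Values.commons.mail.use_tls }}
        require_transport_security: true
        {{- end }}
        smtp_user: {{ .Values.commons.mail.username | quote }}
        smtp_pass: {{ .Values.commons.mail.password | quote }}
        app_name: "{{ .Values.commons.theme.title }}-matrix"
        {{- /*
          TODO: sender format that is not enabled yet:
          notif_from: .Values.server.mail.from | default (printf "[%s] %s <%s>" .Values.commons.theme.title "matrix" .Values.commons.mail.from) | quote
          Kept as a template comment because an action written inside a YAML
          "#" comment is still evaluated by Helm and lands in the output.
        */}}
        notif_from: {{ .Values.server.mail.from | default .Values.commons.mail.from | quote }}
      oidc_providers:
        - idp_id: mycloud
          idp_name: {{ .Values.commons.theme.title | quote }}
          discover: true
          issuer: "https://{{ .Values.commons.auth.host | default (printf "auth.%s" .Values.commons.ingress.domain) }}/application/o/mycloud-matrix/"
          # client_id and client_secret: an explicit server.auth.* value or,
          # by default, a value derived from commons.masterPassword. Either way
          # the result is passed through sha256sum, so the identity provider
          # must be configured with the hashed string. Anyone holding the
          # master password can recompute the derived defaults.
          # Quoted so a digest can never be typed as a number by YAML.
          client_id: {{ .Values.server.auth.clientID | default (derivePassword 1 "long" .Values.commons.masterPassword "matrix" "auth.clientID") | sha256sum | quote }}
          client_secret: {{ .Values.server.auth.clientSecret | default (derivePassword 1 "long" .Values.commons.masterPassword "matrix" "auth.clientSecret") | sha256sum | quote }}
          scopes:
            - "openid"
            - "profile"
            - "email"
          # The backtick raw string keeps the Jinja placeholders for Synapse
          # instead of letting Helm evaluate them; its lines are emitted as-is,
          # so their indentation is significant.
          # NOTE(review): the localpart comes from preferred_username, which
          # OIDC does not guarantee to be unique or stable - confirm the
          # provider does not let users choose or change it.
          user_mapping_provider:
            config:
            {{`
              localpart_template: "{{ user.preferred_username }}"
              display_name_template: "{{ user.name|capitalize }}"
            `}}
    # Worker processes are only enabled when server.scaling is set.
    {{- if .Values.server.scaling }}
    workers:
      generic_worker:
        enabled: true
      federation_reader:
        enabled: true
      synchrotron:
        enabled: true
      pusher:
        enabled: true
      appservice:
        enabled: true
      federation_sender:
        enabled: true
      media_repository:
        enabled: true
      user_dir:
        enabled: true
      frontend_proxy:
        enabled: true
        csPaths:
          - "/_matrix/client/(api/v1|r0|v3|unstable)/keys/upload"
          - "/_matrix/client/(api/v1|r0|v3|unstable)/presence/[^/]+/status"
    {{- end }}
    synapse:
      livenessProbe:
        timeoutSeconds: 2
        periodSeconds: 15
      readinessProbe:
        timeoutSeconds: 2
        periodSeconds: 15
      startupProbe:
        timeoutSeconds: 2
        periodSeconds: 15
      resources:
        requests:
          cpu: 1
          memory: "256Mi"
        limits:
          memory: "4Gi"
    wellknown:
      enabled: true
      resources:
        requests:
          cpu: 0.1
          memory: "64Mi"
        limits:
          memory: "256Mi"
    signingkey:
      resources:
        requests:
          cpu: 0.1
          memory: "64Mi"
        limits:
          memory: "256Mi"
    ingress:
      enabled: true
      # Shared annotations first, then this chart's own; both blocks are
      # emitted as written, so a key present in both appears twice.
      annotations:
        {{- with .Values.commons.ingress.annotations }}
        {{- toYaml . | nindent 8 }}
        {{- end }}
        {{- with .Values.ingress.annotations }}
        {{- toYaml . | nindent 8 }}
        {{- end }}
      # Both the bare domain and the matrix host are routed to this release.
      hosts:
        - "{{ .Values.commons.ingress.domain }}"
        - "{{ $host }}"
      {{- if .Values.commons.ingress.tls.enabled }}
      tls:
        {{- with .Values.commons.ingress.tls.override }}
        {{- toYaml . | nindent 8 }}
        {{- else }}
        # NOTE(review): "metrix" looks like a typo for "matrix"; renaming
        # changes which Secret the ingress references, so verify before fixing.
        - secretName: "mycloud-metrix-server-cert"
          hosts:
            - "{{ .Values.commons.ingress.domain }}"
            - "{{ $host }}"
        {{- end }}
      {{- end }}
    persistence:
      enabled: true
      size: {{ .Values.persistence.size }}
      {{- with .Values.persistence.storageClass | default .Values.commons.persistence.storageClass }}
      # Quoted so a value such as "-" or a numeric-looking class name stays a string.
      storageClass: {{ . | quote }}
      {{- end }}
      {{- if .Values.commons.persistence.hostPath.enabled }}
      hostPath: "{{ .Values.commons.persistence.hostPath.prefix }}/matrix/synapse"
      {{- end }}
    # The chart's bundled PostgreSQL is off; Synapse uses the external database
    # below. Its password falls back to a value derived from
    # commons.masterPassword when databases.server.password is unset.
    postgresql:
      enabled: false
    externalPostgresql:
      host: {{ .Values.databases.server.host | quote }}
      username: {{ .Values.databases.server.username | quote }}
      password: {{ .Values.databases.server.password | default (derivePassword 1 "long" .Values.commons.masterPassword "matrix-synapse" "database_password") | quote }}
      database: {{ .Values.databases.server.name | quote }}
    # Monitoring objects are enabled only when the cluster advertises the
    # matching monitoring.coreos.com/v1 kind.
    prometheus:
      podmonitor:
        enabled: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/PodMonitor") }}
        labels:
          {{- toYaml .Values.commons.prometheus.monitor.labels | nindent 10 }}
      rules:
        enabled: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/PrometheusRule") }}
        labels:
          {{- toYaml .Values.commons.prometheus.rules.labels | nindent 10 }}
    grafana:
      dashboards:
        enabled: true
        labels:
          {{- toYaml .Values.commons.grafana.dashboards.labels | nindent 10 }}
        annotations:
          {{- toYaml .Values.commons.grafana.dashboards.annotations | nindent 10 }}
{{- end }}{{/* end-if .software == synapse */}}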