108 lines
3.9 KiB
YAML
108 lines
3.9 KiB
YAML
{{- if .Values.bridge.signal.enabled }}
|
|
---
|
|
apiVersion: helm.toolkit.fluxcd.io/v2beta2
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: "{{ .Release.Name }}-mautrix-signal"
|
|
spec:
|
|
chart:
|
|
spec:
|
|
sourceRef:
|
|
kind: GitRepository
|
|
name: "wrenix-helm-charts"
|
|
namespace: "flux-system"
|
|
chart: "./mautrix-signal"
|
|
reconcileStrategy: "Revision"
|
|
install:
|
|
{{- toYaml .Values.commons.helm.release.install | nindent 4 }}
|
|
test:
|
|
{{- toYaml .Values.commons.helm.release.test | nindent 4 }}
|
|
upgrade:
|
|
{{- toYaml .Values.commons.helm.release.upgrade | nindent 4 }}
|
|
driftDetection:
|
|
{{- toYaml .Values.commons.helm.release.driftDetection | nindent 4 }}
|
|
interval: 10m
|
|
valuesFrom:
|
|
- kind: Secret
|
|
name: "{{ .Release.Name }}-mautrix-signal"
|
|
valuesKey: as_token
|
|
targetPath: config.appservice.as_token
|
|
optional: true
|
|
- kind: Secret
|
|
name: "{{ .Release.Name }}-mautrix-signal"
|
|
valuesKey: hs_token
|
|
targetPath: config.appservice.hs_token
|
|
optional: true
|
|
- kind: Secret
|
|
name: "{{ .Release.Name }}-doublepuppet"
|
|
valuesKey: as_token_code
|
|
targetPath: config.double_puppet.secrets.{{ include "mycloud-matrix.domain" . | replace "." "\\." }}
|
|
values:
|
|
image:
|
|
repository: "mautrix/signal@sha256"
|
|
tag: "98c72b3918ac8b970257305127580cd37549201da90cd64307d406aa5c176c1b"
|
|
config:
|
|
database:
|
|
type: postgres
|
|
{{- $username := .Values.databases.bridge.signal.username }}
|
|
{{- $password := .Values.databases.bridge.signal.password | default (derivePassword 1 "long" .Values.commons.masterPassword "matrix-bridge-signal" "database_password" | b64enc) }}
|
|
{{- $host := .Values.databases.bridge.signal.host }}
|
|
{{- $database := .Values.databases.bridge.signal.name }}
|
|
uri: {{ printf "postgres://%s:%s@%s/%s?sslmode=disable" $username $password $host $database | quote }}
|
|
homeserver:
|
|
address: https://{{ include "mycloud-matrix.host.server" . }}
|
|
domain: {{ include "mycloud-matrix.domain" . }}
|
|
appservice:
|
|
address: http://{{ .Release.Name }}-mautrix-signal:29328
|
|
bridge:
|
|
personal_filtering_spaces: true
|
|
relay:
|
|
enabled: true
|
|
permissions:
|
|
"example.com": null
|
|
"@admin:example.com": null
|
|
{{ include "mycloud-matrix.domain" . | quote}}: user
|
|
{{- range $user := .Values.bridge.signal.admins }}
|
|
{{ $user | quote }}: admin
|
|
{{- end }}
|
|
matrix:
|
|
sync_direct_chat_list: true
|
|
double_puppet:
|
|
servers:
|
|
example.com: null
|
|
{{ include "mycloud-matrix.domain" . }}: https://{{ include "mycloud-matrix.host.server" . }}
|
|
secrets:
|
|
example.com: null
|
|
{{- if not .Values.server.authenticationService.enabled }}
|
|
encryption:
|
|
allow: true
|
|
default: true
|
|
require: true
|
|
delete_keys:
|
|
periodically_delete_expired: true
|
|
{{- end }}
|
|
|
|
registration:
|
|
namespaces:
|
|
users:
|
|
- regex: {{ printf "^@signalbot:%s$" (include "mycloud-matrix.domain" . | replace "." "\\.") | quote }}
|
|
exclusive: true
|
|
- regex: {{ printf "^@signal_.*:%s$" (include "mycloud-matrix.domain" . | replace "." "\\.") | quote }}
|
|
exclusive: true
|
|
|
|
persistence:
|
|
enabled: true
|
|
size: {{ .Values.persistence.size }}
|
|
{{- with .Values.persistence.storageClass | default .Values.commons.persistence.storageClass }}
|
|
storageClass: {{ . }}
|
|
{{- end }}
|
|
{{- if .Values.commons.persistence.hostPath.enabled }}
|
|
hostPath: "{{ .Values.commons.persistence.hostPath.prefix }}/matrix/bridge/signal"
|
|
{{- end }}
|
|
|
|
prometheus:
|
|
servicemonitor:
|
|
enabled: {{ (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1/ServiceMonitor") }}
|
|
labels:
|
|
{{- toYaml .Values.commons.prometheus.monitor.labels | nindent 10 }}
|
|
{{- end }}{{/* end-if .bridge.signal.enabled */}}
|