wrenix/helm-charts
1
0
Fork 0
Code Issues 8 Pull requests 8 Projects Packages Activity
helm-charts/matrix-authentication-service/README.md

170 lines
8.6 KiB
Markdown
Raw Blame History

---
title: "matrix-authentication-service"
description: "OAuth2.0 + OpenID Provider for Matrix Homeservers (per MSC3861)"
---
# matrix-authentication-service
![Version: 0.0.8](https://img.shields.io/badge/Version-0.0.8-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.13.0](https://img.shields.io/badge/AppVersion-0.13.0-informational?style=flat-square)
OAuth2.0 + OpenID Provider for Matrix Homeservers (per MSC3861)
## Maintainers
| Name | Email | Url |
| ---- | ------ | --- |
| WrenIX | | <https://wrenix.eu> |
## Usage
Helm must be installed and setup to your kubernetes cluster to use the charts.
Refer to Helm's [documentation](https://helm.sh/docs) to get started.
Once Helm has been set up correctly, fetch the charts as follows:
```bash
helm pull oci://codeberg.org/wrenix/helm-charts/matrix-authentication-service
```
You can install a chart release using the following command:
```bash
helm install matrix-authentication-service-release oci://codeberg.org/wrenix/helm-charts/matrix-authentication-service --values values.yaml
```
To uninstall a chart release use `helm`'s delete command:
```bash
helm uninstall matrix-authentication-service-release
```
## Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| affinity | object | `{}` | |
| autoscaling.enabled | bool | `false` | |
| autoscaling.maxReplicas | int | `100` | |
| autoscaling.minReplicas | int | `1` | |
| autoscaling.targetCPUUtilizationPercentage | int | `80` | |
| config.branding.imprint | string | `nil` | |
| config.branding.logo_uri | string | `nil` | |
| config.branding.policy_uri | string | `nil` | |
| config.branding.service_name | string | `nil` | |
| config.branding.tos_uri | string | `nil` | |
| config.clients | list | `[]` | |
| config.database.connect_timeout | int | `30` | |
| config.database.database | string | `"sliding_sync"` | |
| config.database.host | string | `"localhost"` | |
| config.database.idle_timeout | int | `600` | |
| config.database.max_connections | int | `10` | |
| config.database.max_lifetime | int | `1800` | |
| config.database.min_connections | int | `0` | |
| config.database.password | string | `"secret"` | |
| config.database.port | int | `5432` | |
| config.database.username | string | `"sliding_sync"` | |
| config.email.from | string | `"\"Authentication Service\" <root@localhost>"` | |
| config.email.reply_to | string | `"\"Authentication Service\" <root@localhost>"` | |
| config.email.transport | string | `"blackhole"` | |
| config.experimental.access_token_ttl | int | `300` | |
| config.experimental.compat_token_ttl | int | `300` | |
| config.http.issuer | string | `"http://[::]:8080/"` | |
| config.http.listeners[0].binds[0].address | string | `"[::]:8080"` | |
| config.http.listeners[0].name | string | `"http"` | |
| config.http.listeners[0].proxy_protocol | bool | `false` | |
| config.http.listeners[0].resources[0].name | string | `"discovery"` | |
| config.http.listeners[0].resources[1].name | string | `"human"` | |
| config.http.listeners[0].resources[2].name | string | `"oauth"` | |
| config.http.listeners[0].resources[3].name | string | `"compat"` | |
| config.http.listeners[0].resources[4].name | string | `"graphql"` | |
| config.http.listeners[0].resources[4].playground | bool | `true` | |
| config.http.listeners[0].resources[5].name | string | `"assets"` | |
| config.http.listeners[0].resources[5].path | string | `"/usr/local/share/mas-cli/assets/"` | |
| config.http.listeners[1].binds[0].address | string | `"[::]:8081"` | |
| config.http.listeners[1].name | string | `"internal"` | |
| config.http.listeners[1].resources[0].name | string | `"health"` | |
| config.http.listeners[2].binds[0].address | string | `"[::]:9100"` | |
| config.http.listeners[2].name | string | `"metrics"` | |
| config.http.listeners[2].resources[0].name | string | `"prometheus"` | |
| config.http.public_base | string | `"http://[::]:8080/"` | |
| config.http.trusted_proxies[0] | string | `"192.128.0.0/16"` | |
| config.http.trusted_proxies[1] | string | `"172.16.0.0/12"` | |
| config.http.trusted_proxies[2] | string | `"10.0.0.0/10"` | |
| config.http.trusted_proxies[3] | string | `"127.0.0.1/8"` | |
| config.http.trusted_proxies[4] | string | `"fd00::/8"` | |
| config.http.trusted_proxies[5] | string | `"::1/128"` | |
| config.matrix.endpoint | string | `"http://localhost:8008/"` | |
| config.matrix.homeserver | string | `"localhost:8008"` | |
| config.matrix.secret | string | `"kPnqGbK9hmSRK41DZTgVJxfKVAiLrY6G"` | |
| config.passwords.enabled | bool | `true` | |
| config.passwords.schemes[0].algorithm | string | `"argon2id"` | |
| config.passwords.schemes[0].version | int | `1` | |
| config.policy.authorization_grant_entrypoint | string | `"authorization_grant/violation"` | |
| config.policy.client_registration_entrypoint | string | `"client_registration/violation"` | |
| config.policy.data | string | `nil` | |
| config.policy.email_entrypoint | string | `"email/violation"` | |
| config.policy.password_entrypoint | string | `"password/violation"` | |
| config.policy.register_entrypoint | string | `"register/violation"` | |
| config.policy.wasm_module | string | `"/usr/local/share/mas-cli/policy.wasm"` | |
| config.secrets.encryption | string | `nil` | |
| config.secrets.keys | list | `[]` | |
| config.telemetry.metrics.exporter | string | `"prometheus"` | |
| config.telemetry.sentry.dsn | string | `nil` | |
| config.telemetry.tracing.exporter | string | `"none"` | |
| config.telemetry.tracing.propagators | list | `[]` | |
| config.templates.assets_manifest | string | `"/usr/local/share/mas-cli/manifest.json"` | |
| config.templates.path | string | `"/usr/local/share/mas-cli/templates/"` | |
| config.templates.translations_path | string | `"/usr/local/share/mas-cli/translations/"` | |
| config.upstream_oauth2.providers | list | `[]` | |
| fullnameOverride | string | `""` | |
| global.image.pullPolicy | string | `nil` | if set it will overwrite all pullPolicy |
| global.image.registry | string | `nil` | if set it will overwrite all registry entries |
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.registry | string | `"ghcr.io"` | |
| image.repository | string | `"element-hq/matrix-authentication-service"` | |
| image.tag | string | `nil` | Overrides the image tag whose default is the chart appVersion. |
| imagePullSecrets | list | `[]` | |
| ingress.annotations | object | `{}` | |
| ingress.className | string | `""` | |
| ingress.enabled | bool | `false` | |
| ingress.hosts[0].host | string | `"auth.matrix.chart-example.local"` | |
| ingress.hosts[0].paths[0].path | string | `"/l"` | |
| ingress.hosts[0].paths[0].pathType | string | `"Prefix"` | |
| ingress.hosts[1].host | string | `"matrix.chart-example.local"` | |
| ingress.hosts[1].paths[0].path | string | `"/_matrix/client/v3/login"` | |
| ingress.hosts[1].paths[0].pathType | string | `"Exact"` | |
| ingress.hosts[1].paths[1].path | string | `"/_matrix/client/v3/logout"` | |
| ingress.hosts[1].paths[1].pathType | string | `"Exact"` | |
| ingress.hosts[1].paths[2].path | string | `"/_matrix/client/v3/refresh"` | |
| ingress.hosts[1].paths[2].pathType | string | `"Exact"` | |
| ingress.tls | list | `[]` | |
| livenessProbe.httpGet.path | string | `"/health"` | |
| livenessProbe.httpGet.port | string | `"internal"` | |
| nameOverride | string | `""` | |
| nodeSelector | object | `{}` | |
| podAnnotations | object | `{}` | |
| podLabels | object | `{}` | |
| podSecurityContext.fsGroup | int | `1000` | |
| prometheus.servicemonitor.enabled | bool | `false` | |
| prometheus.servicemonitor.labels | object | `{}` | |
| readinessProbe.httpGet.path | string | `"/health"` | |
| readinessProbe.httpGet.port | string | `"internal"` | |
| replicaCount | int | `1` | |
| resources | object | `{}` | |
| securityContext.capabilities.drop[0] | string | `"ALL"` | |
| securityContext.readOnlyRootFilesystem | bool | `true` | |
| securityContext.runAsNonRoot | bool | `true` | |
| securityContext.runAsUser | int | `1000` | |
| service.port.http | int | `8080` | |
| service.port.metrics | int | `9100` | |
| service.type | string | `"ClusterIP"` | |
| serviceAccount.annotations | object | `{}` | |
| serviceAccount.automount | bool | `true` | |
| serviceAccount.create | bool | `true` | |
| serviceAccount.name | string | `""` | |
| tolerations | list | `[]` | |
| volumeMounts | list | `[]` | |
| volumes | list | `[]` | |
Autogenerated from chart metadata using [helm-docs](https://github.com/norwoodj/helm-docs)
Reference in a new issue View git blame Copy permalink