70 lines
2.0 KiB
YAML
70 lines
2.0 KiB
YAML
apiVersion: helm.toolkit.fluxcd.io/v2beta1
|
|
kind: HelmRelease
|
|
metadata:
|
|
name: draupnir-synapse
|
|
namespace: matrix
|
|
spec:
|
|
chart:
|
|
spec:
|
|
version: 3.7.x
|
|
values:
|
|
signingkey:
|
|
job:
|
|
enabled: true
|
|
# image:
|
|
# repository: ghcr.io/matrix-org/synapse
|
|
# # TODO update properly again
|
|
# tag: v1.89.0
|
|
# #pullPolicy: Always
|
|
serverName: draupnir.midnightthoughts.space
|
|
publicServerName: matrix.draupnir.midnightthoughts.space
|
|
wellknown:
|
|
client:
|
|
m.homeserver:
|
|
base_url: https://matrix.draupnir.midnightthoughts.space
|
|
config:
|
|
reportStats: true
|
|
enableRegistration: false
|
|
extraConfig:
|
|
use_presence: false
|
|
app_service_config_files:
|
|
- /data/draupnir-registration.yaml
|
|
ingress:
|
|
traefikPaths: true
|
|
hosts:
|
|
- draupnir.midnightthoughts.space
|
|
- matrix.draupnir.midnightthoughts.space
|
|
tls:
|
|
- hosts:
|
|
- draupnir.midnightthoughts.space
|
|
- matrix.draupnir.midnightthoughts.space
|
|
secretName: draupnir-midnightthoughts-synapse-tls-secret
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt-http
|
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
|
traefik.ingress.kubernetes.io/router.middlewares: default-hsts@kubernetescrd,default-compress@kubernetescrd,default-redirect-https@kubernetescrd
|
|
workers:
|
|
default:
|
|
volumeMounts:
|
|
- name: configs
|
|
mountPath: "/data"
|
|
readOnly: true
|
|
volumes:
|
|
- name: configs
|
|
secret:
|
|
secretName: draupnir-appservice
|
|
synapse:
|
|
extraVolumeMounts:
|
|
- name: configs
|
|
mountPath: "/data"
|
|
readOnly: true
|
|
extraVolumes:
|
|
- name: configs
|
|
secret:
|
|
secretName: draupnir-appservice
|
|
externalPostgresql:
|
|
username: draupnir_synapse
|
|
## The name of an existing secret with postgresql credentials
|
|
existingSecret: draupnir-midnightthoughts-postgresql
|
|
database: draupnir_synapse
|