171 lines
3.5 KiB
YAML
171 lines
3.5 KiB
YAML
coturn:
|
|
enabled: false
|
|
image:
|
|
pullPolicy: IfNotPresent
|
|
repository: matrixdotorg/synapse
|
|
tag: v1.95.1@sha256:9b6d64057cf0be41370c87523fd9dc9a0b744389aa67cb0462eca4ef34e0c5ec
|
|
installContainers:
|
|
generate-signing-key:
|
|
args:
|
|
- -m
|
|
- synapse.app.homeserver
|
|
- --config-path
|
|
- /data/homeserver.yaml
|
|
- --config-path
|
|
- /data/secret/secret.yaml
|
|
- --config-path
|
|
- /data/custom.yaml
|
|
- --keys-directory
|
|
- /data/keys
|
|
- --generate-keys
|
|
command:
|
|
- python
|
|
env:
|
|
- name: SYNAPSE_SERVER_NAME
|
|
value: "{{ .Values.matrix.serverName }}"
|
|
- name: SYNAPSE_REPORT_STATS
|
|
value: "no"
|
|
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
|
volumeMounts:
|
|
- mountPath: /data
|
|
name: config
|
|
- mountPath: /data/secret
|
|
name: secret
|
|
- mountPath: /data/keys
|
|
name: key
|
|
mail:
|
|
enabled: false
|
|
from: Matrix <matrix@example.com>
|
|
host: ""
|
|
password: ""
|
|
port: 25
|
|
requireTransportSecurity: true
|
|
riotUrl: ""
|
|
username: ""
|
|
matrix:
|
|
adminEmail: admin@example.com
|
|
blockNonAdminInvites: false
|
|
disabled: false
|
|
disabledMessage: ""
|
|
encryptByDefault: invite
|
|
federation:
|
|
allowPublicRooms: true
|
|
blacklist:
|
|
- 127.0.0.0/8
|
|
- 10.0.0.0/8
|
|
- 172.16.0.0/12
|
|
- 192.168.0.0/16
|
|
- 100.64.0.0/10
|
|
- 169.254.0.0/16
|
|
- ::1/128
|
|
- fe80::/64
|
|
- fc00::/7
|
|
enabled: true
|
|
logging:
|
|
rootLogLevel: WARNING
|
|
sqlLogLevel: WARNING
|
|
synapseLogLevel: WARNING
|
|
presence: true
|
|
registration:
|
|
allowGuests: false
|
|
autoJoinRooms: []
|
|
enabled: false
|
|
retentionPeriod: 7d
|
|
search: true
|
|
security:
|
|
surpressKeyServerWarning: true
|
|
serverName: example.com
|
|
uploads:
|
|
maxPixels: 32M
|
|
maxSize: 10M
|
|
urlPreviews:
|
|
enabled: false
|
|
persistence:
|
|
config:
|
|
enabled: true
|
|
mountPath: /data
|
|
objectName: synapse-config
|
|
readOnly: false
|
|
type: configMap
|
|
key:
|
|
enabled: true
|
|
mountPath: /data/keys
|
|
media:
|
|
enabled: true
|
|
mountPath: /data/media_store
|
|
secret:
|
|
enabled: true
|
|
mountPath: /data/secret
|
|
objectName: synapse-secret
|
|
readOnly: false
|
|
type: secret
|
|
uploads:
|
|
enabled: true
|
|
mountPath: /uploads
|
|
portal:
|
|
enabled: true
|
|
postgresql:
|
|
enabled: true
|
|
env:
|
|
POSTGRES_INITDB_ARGS: --encoding=UTF8 --locale=C
|
|
existingSecret: dbcreds
|
|
postgresqlDatabase: synapse
|
|
postgresqlUsername: synapse
|
|
securityContext:
|
|
container:
|
|
allowPrivilegeEscalation: true
|
|
service:
|
|
federation:
|
|
enabled: true
|
|
ports:
|
|
federation:
|
|
enabled: true
|
|
port: 8448
|
|
targetPort: 8008
|
|
main:
|
|
ports:
|
|
main:
|
|
port: 8008
|
|
targetPort: 8008
|
|
metrics:
|
|
enabled: true
|
|
ports:
|
|
metrics:
|
|
enabled: true
|
|
port: 9093
|
|
targetPort: 9090
|
|
replication:
|
|
enabled: true
|
|
ports:
|
|
replication:
|
|
enabled: true
|
|
port: 9092
|
|
targetPort: 9092
|
|
synapse:
|
|
appConfig: []
|
|
loadCustomConfig: false
|
|
metrics:
|
|
annotations: true
|
|
enabled: true
|
|
port: 9092
|
|
workload:
|
|
main:
|
|
podSpec:
|
|
containers:
|
|
main:
|
|
command:
|
|
- sh
|
|
- -c
|
|
- |
|
|
exec python -B -m synapse.app.homeserver \
|
|
-c /data/homeserver.yaml \
|
|
-c /data/secret/secret.yaml \
|
|
-c /data/custom.yaml
|
|
probes:
|
|
liveness:
|
|
path: /health
|
|
readiness:
|
|
path: /health
|
|
startup:
|
|
path: /health
|