diff --git a/clusters/cl01tl/applications/element-web/Chart.yaml b/clusters/cl01tl/applications/element-web/Chart.yaml deleted file mode 100644 index 168dc94d4..000000000 --- a/clusters/cl01tl/applications/element-web/Chart.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v2 -name: element-web -version: 1.0.0 -description: Element Web -keywords: - - element-web - - chat - - matrix -home: "" -sources: - - https://github.com/element-hq/element-web - - https://github.com/cloudflare/cloudflared - - https://hub.docker.com/r/vectorim/element-web - - https://gitlab.com/ananace/charts/-/tree/master/charts/element-web - - https://github.com/alexlebens/helm-charts/tree/main/charts/cloudflared -maintainers: - - name: alexlebens -dependencies: - - name: element-web - version: 1.3.25 - repository: https://ananace.gitlab.io/charts - - name: cloudflared - alias: cloudflared - repository: http://alexlebens.github.io/helm-charts - version: 1.4.0 -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/element.png -appVersion: v1.11.68 diff --git a/clusters/cl01tl/applications/element-web/templates/external-secret.yaml b/clusters/cl01tl/applications/element-web/templates/external-secret.yaml deleted file mode 100644 index 3e65c22ac..000000000 --- a/clusters/cl01tl/applications/element-web/templates/external-secret.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: element-web-cloudflared-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: element-web-cloudflared-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: cf-tunnel-token - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cloudflare/tunnels/element - metadataPolicy: None - property: token diff --git a/clusters/cl01tl/applications/element-web/values.yaml b/clusters/cl01tl/applications/element-web/values.yaml deleted file mode 100644 index 1eb235d7e..000000000 --- a/clusters/cl01tl/applications/element-web/values.yaml +++ /dev/null @@ -1,28 +0,0 @@ -element-web: - replicaCount: 1 - image: - repository: vectorim/element-web - tag: v1.11.69 - pullPolicy: IfNotPresent - defaultServer: - url: https://matrix.alexlebens.dev - name: alexlebens.dev - identity_url: https://alexlebens.dev - config: - disable_3pid_login: true - brand: "Alex Lebens" - branding: - welcome_background_url: https://alexlebens-dev.nyc3.digitaloceanspaces.com/cl02do/assets/background.jpg - auth_header_logo_url: https://alexlebens-dev.nyc3.digitaloceanspaces.com/cl02do/assets/icon_white.png - sso_redirect_options: - immediate: true - default_theme: dark - default_country_code: US - ingress: - enabled: false - resources: - requests: - cpu: 100m - memory: 128Mi -cloudflared: - existingSecretName: element-web-cloudflared-secret diff --git a/clusters/cl01tl/platform/matrix-synapse/Chart.yaml b/clusters/cl01tl/platform/matrix-synapse/Chart.yaml deleted file mode 100644 index 97bbb47e6..000000000 --- a/clusters/cl01tl/platform/matrix-synapse/Chart.yaml +++ /dev/null @@ -1,63 +0,0 @@ -apiVersion: v2 -name: matrix-synapse -version: 1.0.0 -description: Matrix Synapse -keywords: - - matrix-synapse - - matrix - - chat - - bridge - - matrix-hookshot - - mautrix-discord - - mautrix-whatsapp -sources: - - https://github.com/element-hq/synapse - - https://github.com/matrix-org/matrix-hookshot - - https://github.com/mautrix/discord - - https://github.com/mautrix/whatsapp - - https://github.com/redis/redis - - https://github.com/cloudflare/cloudflared - - https://github.com/cloudnative-pg/cloudnative-pg - - https://hub.docker.com/r/halfshot/matrix-hookshot - - https://mau.dev/mautrix/discord/container_registry - - https://mau.dev/mautrix/whatsapp/container_registry - - https://gitlab.com/ananace/charts/-/tree/master/charts/matrix-synapse - - https://github.com/bitnami/charts/tree/main/bitnami/redis - - https://github.com/bjw-s/helm-charts/tree/main/charts/other/app-template - - https://github.com/alexlebens/helm-charts/tree/main/charts/cloudflared - - https://github.com/alexlebens/helm-charts/charts/postgres-cluster -maintainers: - - name: alexlebens -dependencies: - - name: matrix-synapse - version: 3.9.6 - repository: https://ananace.gitlab.io/charts - - name: app-template - alias: matrix-hookshot - repository: https://bjw-s.github.io/helm-charts/ - version: 3.2.1 - - name: app-template - alias: mautrix-discord - repository: https://bjw-s.github.io/helm-charts/ - version: 3.2.1 - - name: app-template - alias: mautrix-whatsapp - repository: https://bjw-s.github.io/helm-charts/ - version: 3.2.1 - - name: redis - version: 19.5.5 - repository: https://charts.bitnami.com/bitnami - - name: cloudflared - alias: cloudflared-synapse - repository: http://alexlebens.github.io/helm-charts - version: 1.4.0 - - name: cloudflared - alias: cloudflared-hookshot - repository: http://alexlebens.github.io/helm-charts - version: 1.4.0 - - name: postgres-cluster - alias: postgres-16-cluster - version: 3.5.0 - repository: http://alexlebens.github.io/helm-charts -icon: https://raw.githubusercontent.com/walkxcode/dashboard-icons/main/png/matrix.png -appVersion: 1.109.0 diff --git a/clusters/cl01tl/platform/matrix-synapse/templates/external-secret.yaml b/clusters/cl01tl/platform/matrix-synapse/templates/external-secret.yaml deleted file mode 100644 index 9a319cb0a..000000000 --- a/clusters/cl01tl/platform/matrix-synapse/templates/external-secret.yaml +++ /dev/null @@ -1,247 +0,0 @@ -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: matrix-synapse-config-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: matrix-synapse-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: oidc.yaml - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/matrix-synapse/config - metadataPolicy: None - property: oidc.yaml - - secretKey: config.yaml - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/matrix-synapse/config - metadataPolicy: None - property: config.yaml - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: matrix-hookshot-config-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: matrix-hookshot-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: config.yml - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/matrix-synapse/hookshot - metadataPolicy: None - property: config - - secretKey: registration.yml - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/matrix-synapse/hookshot - metadataPolicy: None - property: registration - - secretKey: hookshot-registration.yaml - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/matrix-synapse/hookshot - metadataPolicy: None - property: registration - - secretKey: passkey.pem - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/matrix-synapse/hookshot - metadataPolicy: None - property: passkey - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: mautrix-discord-config-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: mautrix-discord-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: config.yaml - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/matrix-synapse/mautrix-discord - metadataPolicy: None - property: config - - secretKey: mautrix-discord-registration.yaml - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/matrix-synapse/mautrix-discord - metadataPolicy: None - property: registration - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: mautrix-whatsapp-config-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: mautrix-whatsapp-config-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: config.yaml - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/matrix-synapse/mautrix-whatsapp - metadataPolicy: None - property: config - - secretKey: mautrix-whatsapp-registration.yaml - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/matrix-synapse/mautrix-whatsapp - metadataPolicy: None - property: registration - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: matrix-synapse-redis-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: matrix-synapse-redis-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: password - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cl01tl/matrix-synapse/redis - metadataPolicy: None - property: password - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: matrix-synapse-cloudflared-synapse-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: matrix-synapse-cloudflared-synapse-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: cf-tunnel-token - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cloudflare/tunnels/matrix-synapse - metadataPolicy: None - property: token - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: matrix-synapse-cloudflared-hookshot-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: matrix-synapse-cloudflared-hookshot-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: cf-tunnel-token - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /cloudflare/tunnels/matrix-hookshot - metadataPolicy: None - property: token - ---- -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: matrix-synapse-postgresql-16-cluster-backup-secret - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: matrix-synapse-postgresql-16-cluster-backup-secret - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: database - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - secretStoreRef: - kind: ClusterSecretStore - name: vault - data: - - secretKey: ACCESS_KEY_ID - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /aws/keys/cl01tl-matrix-synapse-postgresql - metadataPolicy: None - property: access_key - - secretKey: ACCESS_SECRET_KEY - remoteRef: - conversionStrategy: Default - decodingStrategy: None - key: /aws/keys/cl01tl-matrix-synapse-postgresql - metadataPolicy: None - property: secret_key diff --git a/clusters/cl01tl/platform/matrix-synapse/templates/service-monitor.yaml b/clusters/cl01tl/platform/matrix-synapse/templates/service-monitor.yaml deleted file mode 100644 index 44a4c6a26..000000000 --- a/clusters/cl01tl/platform/matrix-synapse/templates/service-monitor.yaml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: matrix-synapse - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: matrix-synapse - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - endpoints: - - port: metrics - interval: 15s - scrapeTimeout: 5s - path: /_synapse/metrics - selector: - matchLabels: - app.kubernetes.io/name: matrix-synapse - app.kubernetes.io/instance: {{ .Release.Name }} - ---- -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: matrix-hookshot - namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/name: matrix-hookshot - app.kubernetes.io/instance: {{ .Release.Name }} - app.kubernetes.io/version: {{ .Chart.AppVersion }} - app.kubernetes.io/component: web - app.kubernetes.io/part-of: {{ .Release.Name }} -spec: - endpoints: - - port: metrics - interval: 15s - scrapeTimeout: 5s - path: /metrics - selector: - matchLabels: - app.kubernetes.io/name: matrix-hookshot - app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/clusters/cl01tl/platform/matrix-synapse/values.yaml b/clusters/cl01tl/platform/matrix-synapse/values.yaml deleted file mode 100644 index bab236f0f..000000000 --- a/clusters/cl01tl/platform/matrix-synapse/values.yaml +++ /dev/null @@ -1,319 +0,0 @@ -matrix-synapse: - serverName: alexlebens.dev - publicServerName: matrix.alexlebens.dev - argoCD: true - signingkey: - job: - enabled: false - config: - reportStats: false - enableRegistration: true - trustedKeyServers: [] - extraConfig: - enable_metrics: true - enable_registration_without_verification: false - password_config: - enabled: false - sso: - client_whitelist: - - https://chat.alexlebens.dev/ - update_profile_information: true - synapse: - strategy: - type: Recreate - extraVolumes: - - name: matrix-synapse-config-secret - secret: - secretName: matrix-synapse-config-secret - - name: matrix-hookshot-config-secret - secret: - secretName: matrix-hookshot-config-secret - - name: mautrix-discord-config-secret - secret: - secretName: mautrix-discord-config-secret - - name: mautrix-whatsapp-config-secret - secret: - secretName: mautrix-whatsapp-config-secret - extraVolumeMounts: - - name: matrix-synapse-config-secret - mountPath: /synapse/config/conf.d/oidc.yaml - subPath: oidc.yaml - readOnly: true - - name: matrix-synapse-config-secret - mountPath: /synapse/config/conf.d/config.yaml - subPath: config.yaml - readOnly: true - - name: matrix-hookshot-config-secret - mountPath: /synapse/config/conf.d/hookshot-registration.yaml - subPath: hookshot-registration.yaml - readOnly: true - - name: mautrix-discord-config-secret - mountPath: /synapse/config/conf.d/mautrix-discord-registration.yaml - subPath: mautrix-discord-registration.yaml - readOnly: true - - name: mautrix-whatsapp-config-secret - mountPath: /synapse/config/conf.d/mautrix-whatsapp-registration.yaml - subPath: mautrix-whatsapp-registration.yaml - readOnly: true - resources: - requests: - cpu: 100m - memory: 256Mi - workers: - default: - replicaCount: 0 - generic_worker: - enabled: false - pusher: - enabled: false - appservice: - enabled: false - federation_sender: - enabled: false - media_repository: - enabled: false - user_dir: - enabled: false - wellknown: - enabled: true - server: - m.server: matrix.alexlebens.dev:443 - client: - m.homeserver: - base_url: https://matrix.alexlebens.dev - postgresql: - enabled: false - externalPostgresql: - host: matrix-synapse-postgresql-16-cluster-rw - port: 5432 - username: app - database: app - existingSecret: matrix-synapse-postgresql-16-cluster-app - existingSecretPasswordKey: password - redis: - enabled: false - externalRedis: - host: matrix-synapse-redis-headless - port: 6379 - existingSecret: matrix-synapse-redis-secret - existingSecretPasswordKey: password - persistence: - enabled: true - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 10Gi - volumePermissions: - enabled: true - uid: 666 - gid: 666 - ingress: - enabled: false -matrix-hookshot: - global: - fullnameOverride: matrix-hookshot - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: halfshot/matrix-hookshot - tag: 5.3.0 - pullPolicy: IfNotPresent - resources: - requests: - cpu: 100m - memory: 256Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - webhook: - port: 9000 - targetPort: 9000 - protocol: HTTP - metrics: - port: 9001 - targetPort: 9001 - protocol: HTTP - appservice: - port: 9002 - targetPort: 9002 - protocol: HTTP - persistence: - config: - enabled: true - type: secret - name: matrix-hookshot-config-secret - advancedMounts: - main: - main: - - path: /data/config.yml - readOnly: true - mountPropagation: None - subPath: config.yml - registration: - enabled: true - type: secret - name: matrix-hookshot-config-secret - advancedMounts: - main: - main: - - path: /data/registration.yml - readOnly: true - mountPropagation: None - subPath: registration.yml - passkey: - enabled: true - type: secret - name: matrix-hookshot-config-secret - advancedMounts: - main: - main: - - path: /data/passkey.pem - readOnly: true - mountPropagation: None - subPath: passkey.pem -mautrix-discord: - global: - fullnameOverride: mautrix-discord - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: dock.mau.dev/mautrix/discord - tag: v0.6.5 - pullPolicy: IfNotPresent - resources: - requests: - cpu: 100m - memory: 256Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 29334 - targetPort: 29334 - protocol: HTTP - persistence: - data: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 500Mi - retain: true - advancedMounts: - main: - main: - - path: /data - readOnly: false - config: - enabled: true - type: secret - name: mautrix-discord-config-secret - advancedMounts: - main: - main: - - path: /data/config.yaml - readOnly: true - mountPropagation: None - subPath: config.yaml -mautrix-whatsapp: - global: - fullnameOverride: mautrix-whatsapp - controllers: - main: - type: deployment - replicas: 1 - strategy: Recreate - revisionHistoryLimit: 3 - containers: - main: - image: - repository: dock.mau.dev/mautrix/whatsapp - tag: v0.10.8 - pullPolicy: IfNotPresent - resources: - requests: - cpu: 100m - memory: 256Mi - serviceAccount: - create: true - service: - main: - controller: main - ports: - http: - port: 29333 - targetPort: 29333 - protocol: HTTP - persistence: - data: - storageClass: ceph-block - accessMode: ReadWriteOnce - size: 500Mi - retain: true - advancedMounts: - main: - main: - - path: /data - readOnly: false - config: - enabled: true - type: secret - name: mautrix-whatsapp-config-secret - advancedMounts: - main: - main: - - path: /data/config.yaml - readOnly: true - mountPropagation: None - subPath: config.yaml -redis: - architecture: standalone - auth: - enabled: true - existingSecret: matrix-synapse-redis-secret - existingSecretPasswordKey: password - master: - persistence: - enabled: false - replica: - persistence: - enabled: false -cloudflared-synapse: - name: cloudflared-synapse - existingSecretName: matrix-synapse-cloudflared-synapse-secret -cloudflared-hookshot: - name: cloudflared-hookshot - existingSecretName: matrix-synapse-cloudflared-hookshot-secret -postgres-16-cluster: - mode: standalone - cluster: - walStorage: - storageClass: local-path - storage: - storageClass: local-path - monitoring: - enabled: true - prometheusRule: - enabled: false - backup: - enabled: false - endpointURL: https://s3.us-east-2.amazonaws.com - destinationPath: s3://cl01tl-postgresql-backups/matrix-synapse - endpointCredentials: matrix-synapse-postgresql-16-cluster-backup-secret - backupIndex: 1 - retentionPolicy: 14d