diff --git a/clusters/cl01tl/platform/matrix-synapse/Chart.yaml b/clusters/cl01tl/platform/matrix-synapse/Chart.yaml
deleted file mode 100644
index f97edad10..000000000
--- a/clusters/cl01tl/platform/matrix-synapse/Chart.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-apiVersion: v2
-name: matrix-synapse
-version: 1.0.0
-sources:
- - https://github.com/element-hq/synapse
- - https://github.com/matrix-org/matrix-hookshot
- - https://github.com/mautrix/discord
- - https://github.com/mautrix/whatsapp
- - https://gitlab.com/ananace/charts/-/tree/master/charts/matrix-synapse
- - https://github.com/alexlebens/helm-charts/charts/postgres-cluster
-dependencies:
- - name: matrix-synapse
- version: 3.9.2
- repository: https://ananace.gitlab.io/charts
- - name: matrix-hookshot
- version: 0.1.1
- repository: http://alexlebens.github.io/helm-charts
- - name: mautrix-discord
- version: 0.0.2
- repository: http://alexlebens.github.io/helm-charts
- - name: mautrix-whatsapp
- version: 0.0.3
- repository: http://alexlebens.github.io/helm-charts
- - name: redis
- version: 19.1.2
- repository: https://charts.bitnami.com/bitnami
- - name: postgres-cluster
- alias: postgres-16-cluster
- version: 3.1.0
- repository: http://alexlebens.github.io/helm-charts
- - name: app-template
- alias: cloudflared-synapse
- repository: https://bjw-s.github.io/helm-charts/
- version: 3.1.0
- - name: app-template
- alias: cloudflared-hookshot
- repository: https://bjw-s.github.io/helm-charts/
- version: 3.1.0
-appVersion: v1.104.0
diff --git a/clusters/cl01tl/platform/matrix-synapse/templates/external-secret.yaml b/clusters/cl01tl/platform/matrix-synapse/templates/external-secret.yaml
deleted file mode 100644
index b687026c0..000000000
--- a/clusters/cl01tl/platform/matrix-synapse/templates/external-secret.yaml
+++ /dev/null
@@ -1,211 +0,0 @@
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
- name: matrix-synapse-config-secret
- namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/name: matrix-synapse-config-secret
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/version: {{ .Chart.AppVersion }}
- app.kubernetes.io/component: web
- app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
- secretStoreRef:
- kind: ClusterSecretStore
- name: vault
- data:
- - secretKey: redis-password
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: /matrix-synapse/config
- metadataPolicy: None
- property: redis-password
- - secretKey: oidc.yaml
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: /matrix-synapse/config
- metadataPolicy: None
- property: oidc.yaml
- - secretKey: config.yaml
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: /matrix-synapse/config
- metadataPolicy: None
- property: config.yaml
-
----
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
- name: matrix-hookshot-config-secret
- namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/name: matrix-hookshot-config-secret
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/version: {{ .Chart.AppVersion }}
- app.kubernetes.io/component: web
- app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
- secretStoreRef:
- kind: ClusterSecretStore
- name: vault
- data:
- - secretKey: config.yml
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: /matrix-synapse/hookshot
- metadataPolicy: None
- property: config
- - secretKey: registration.yml
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: /matrix-synapse/hookshot
- metadataPolicy: None
- property: registration
- - secretKey: hookshot-registration.yaml
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: /matrix-synapse/hookshot
- metadataPolicy: None
- property: registration
- - secretKey: passkey.pem
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: /matrix-synapse/hookshot
- metadataPolicy: None
- property: passkey
-
----
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
- name: mautrix-discord-config-secret
- namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/name: mautrix-discord-config-secret
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/version: {{ .Chart.AppVersion }}
- app.kubernetes.io/component: web
- app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
- secretStoreRef:
- kind: ClusterSecretStore
- name: vault
- data:
- - secretKey: config.yaml
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: /matrix-synapse/mautrix-discord
- metadataPolicy: None
- property: config
- - secretKey: registration.yaml
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: /matrix-synapse/mautrix-discord
- metadataPolicy: None
- property: registration
- - secretKey: mautrix-discord-registration.yaml
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: /matrix-synapse/mautrix-discord
- metadataPolicy: None
- property: registration
-
----
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
- name: mautrix-whatsapp-config-secret
- namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/name: mautrix-whatsapp-config-secret
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/version: {{ .Chart.AppVersion }}
- app.kubernetes.io/component: web
- app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
- secretStoreRef:
- kind: ClusterSecretStore
- name: vault
- data:
- - secretKey: config.yaml
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: /matrix-synapse/mautrix-whatsapp
- metadataPolicy: None
- property: config
- - secretKey: registration.yaml
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: /matrix-synapse/mautrix-whatsapp
- metadataPolicy: None
- property: registration
- - secretKey: mautrix-whatsapp-registration.yaml
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: /matrix-synapse/mautrix-whatsapp
- metadataPolicy: None
- property: registration
-
----
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
- name: matrix-synapse-cloudflared-secret
- namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/name: matrix-synapse-cloudflared-secret
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/version: {{ .Chart.AppVersion }}
- app.kubernetes.io/component: web
- app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
- secretStoreRef:
- kind: ClusterSecretStore
- name: vault
- data:
- - secretKey: cf-tunnel-token
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: cloudflare/tunnels/matrix-synapse
- metadataPolicy: None
- property: token
-
----
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
- name: matrix-synapse-cloudflared-hookshot-secret
- namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/name: matrix-synapse-cloudflared-hookshot-secret
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/version: {{ .Chart.AppVersion }}
- app.kubernetes.io/component: web
- app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
- secretStoreRef:
- kind: ClusterSecretStore
- name: vault
- data:
- - secretKey: cf-tunnel-token
- remoteRef:
- conversionStrategy: Default
- decodingStrategy: None
- key: cloudflare/tunnels/matrix-hookshot
- metadataPolicy: None
- property: token
\ No newline at end of file
diff --git a/clusters/cl01tl/platform/matrix-synapse/templates/service-monitor.yaml b/clusters/cl01tl/platform/matrix-synapse/templates/service-monitor.yaml
deleted file mode 100644
index e215a3c2f..000000000
--- a/clusters/cl01tl/platform/matrix-synapse/templates/service-monitor.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
- name: matrix-synapse
- namespace: {{ .Release.Namespace }}
- labels:
- app.kubernetes.io/name: matrix-synapse
- app.kubernetes.io/instance: {{ .Release.Name }}
- app.kubernetes.io/version: {{ .Chart.AppVersion }}
- app.kubernetes.io/component: web
- app.kubernetes.io/part-of: {{ .Release.Name }}
-spec:
- endpoints:
- - port: metrics
- interval: 15s
- scrapeTimeout: 5s
- path: /_synapse/metrics
- selector:
- matchLabels:
- app.kubernetes.io/name: matrix-synapse
- app.kubernetes.io/instance: {{ .Release.Name }}
diff --git a/clusters/cl01tl/platform/matrix-synapse/values.yaml b/clusters/cl01tl/platform/matrix-synapse/values.yaml
deleted file mode 100644
index 91967cf86..000000000
--- a/clusters/cl01tl/platform/matrix-synapse/values.yaml
+++ /dev/null
@@ -1,245 +0,0 @@
-matrix-synapse:
- serverName: alexlebens.dev
- publicServerName: matrix.alexlebens.dev
- argoCD: true
- signingkey:
- job:
- enabled: true
- config:
- reportStats: false
- enableRegistration: true
- trustedKeyServers: []
- extraConfig:
- enable_metrics: true
- enable_registration_without_verification: false
- password_config:
- enabled: false
- sso:
- client_whitelist:
- - https://chat.alexlebens.dev/
- update_profile_information: true
- synapse:
- strategy:
- type: Recreate
- extraVolumes:
- - name: matrix-synapse-config-secret
- secret:
- secretName: matrix-synapse-config-secret
- - name: matrix-hookshot-config-secret
- secret:
- secretName: matrix-hookshot-config-secret
- - name: mautrix-discord-config-secret
- secret:
- secretName: mautrix-discord-config-secret
- - name: mautrix-whatsapp-config-secret
- secret:
- secretName: mautrix-whatsapp-config-secret
- extraVolumeMounts:
- - name: matrix-synapse-config-secret
- mountPath: /synapse/config/conf.d/oidc.yaml
- subPath: oidc.yaml
- readOnly: true
- - name: matrix-synapse-config-secret
- mountPath: /synapse/config/conf.d/config.yaml
- subPath: config.yaml
- readOnly: true
- - name: matrix-hookshot-config-secret
- mountPath: /synapse/config/conf.d/hookshot-registration.yaml
- subPath: hookshot-registration.yaml
- readOnly: true
- - name: mautrix-discord-config-secret
- mountPath: /synapse/config/conf.d/mautrix-discord-registration.yaml
- subPath: mautrix-discord-registration.yaml
- readOnly: true
- - name: mautrix-whatsapp-config-secret
- mountPath: /synapse/config/conf.d/mautrix-whatsapp-registration.yaml
- subPath: mautrix-whatsapp-registration.yaml
- readOnly: true
- resources:
- requests:
- cpu: 100m
- memory: 128Mi
- workers:
- default:
- replicaCount: 0
- generic_worker:
- enabled: false
- pusher:
- enabled: false
- appservice:
- enabled: false
- federation_sender:
- enabled: false
- media_repository:
- enabled: false
- user_dir:
- enabled: false
- wellknown:
- enabled: true
- server:
- m.server: matrix.alexlebens.dev:443
- client:
- m.homeserver:
- base_url: https://matrix.alexlebens.dev
- postgresql:
- enabled: false
- externalPostgresql:
- host: matrix-synapse-postgresql-16-cluster-rw
- port: 5432
- username: app
- database: app
- existingSecret: matrix-synapse-postgresql-16-cluster-app
- existingSecretPasswordKey: password
- redis:
- enabled: false
- externalRedis:
- host: matrix-synapse-redis-headless
- port: 6379
- existingSecret: matrix-synapse-config-secret
- existingSecretPasswordKey: redis-password
- persistence:
- enabled: true
- storageClass: ceph-block
- accessMode: ReadWriteOnce
- size: 10Gi
- volumePermissions:
- enabled: true
- uid: 666
- gid: 666
- ingress:
- enabled: false
-matrix-hookshot:
- deployment:
- resources:
- requests:
- cpu: 100m
- memory: 128Mi
- ingress:
- webhook:
- enabled: false
- appservice:
- enabled: false
- metrics:
- enabled: true
- serviceMonitor:
- enabled: true
- hookshot:
- existingSecret: matrix-hookshot-config-secret
- existingRegistrationSecret: matrix-hookshot-config-secret
- existingPasskeySecret: matrix-hookshot-config-secret
-mautrix-discord:
- deployment:
- resources:
- requests:
- cpu: 100m
- memory: 128Mi
- ingress:
- enabled: false
- persistence:
- enabled: ture
- size: 500Mi
- mautrixDiscord:
- existingSecret: mautrix-discord-config-secret
- existingRegistrationSecret: mautrix-discord-config-secret
-mautrix-whatsapp:
- deployment:
- resources:
- requests:
- cpu: 100m
- memory: 128Mi
- ingress:
- enabled: false
- persistence:
- enabled: ture
- size: 500Mi
- mautrixWhatsapp:
- existingSecret: mautrix-whatsapp-config-secret
- existingRegistrationSecret: mautrix-whatsapp-config-secret
-redis:
- architecture: standalone
- auth:
- enabled: true
- existingSecret: matrix-synapse-config-secret
- existingSecretPasswordKey: redis-password
- master:
- persistence:
- enabled: false
- replica:
- persistence:
- enabled: false
-postgres-16-cluster:
- mode: standalone
- cluster:
- walStorage:
- storageClass: local-path
- storage:
- storageClass: local-path
- monitoring:
- enabled: true
- prometheusRule:
- enabled: false
- backup:
- enabled: true
- endpointURL: https://s3.us-east-2.amazonaws.com
- destinationPath: s3://cl01tl-postgresql-backups/matrix-synapse
- endpointCredentials: matrix-synapse-postgresql-16-cluster-backup-secret
- backupIndex: 1
- retentionPolicy: 14d
-cloudflared-synapse:
- global:
- nameOverride: cloudflared-synapse
- controllers:
- main:
- type: deployment
- strategy: Recreate
- containers:
- main:
- image:
- repository: cloudflare/cloudflared
- tag: "2024.5.0"
- pullPolicy: IfNotPresent
- args:
- - tunnel
- - --no-autoupdate
- - run
- - --token
- - $(CF_MANAGED_TUNNEL_TOKEN)
- env:
- - name: CF_MANAGED_TUNNEL_TOKEN
- valueFrom:
- secretKeyRef:
- name: matrix-synapse-cloudflared-secret
- key: cf-tunnel-token
- resources:
- requests:
- cpu: 100m
- memory: 128Mi
-cloudflared-hookshot:
- global:
- nameOverride: cloudflared-hookshot
- controllers:
- main:
- type: deployment
- strategy: Recreate
- containers:
- main:
- image:
- repository: cloudflare/cloudflared
- tag: "2024.5.0"
- pullPolicy: IfNotPresent
- args:
- - tunnel
- - --no-autoupdate
- - run
- - --token
- - $(CF_MANAGED_TUNNEL_TOKEN)
- env:
- - name: CF_MANAGED_TUNNEL_TOKEN
- valueFrom:
- secretKeyRef:
- name: matrix-hookshot-cloudflared-secret
- key: cf-tunnel-token
- resources:
- requests:
- cpu: 100m
- memory: 128Mi