alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 7 Actions Activity

feat: refactor matrix

Browse Source
This commit is contained in:
Alex Lebens
2026-04-03 21:03:54 -05:00
parent ef94c6e275
commit 617f459f83
6 changed files with 37 additions and 117 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
clusters/cl01tl/helm/directus/values.yaml
View File

@@ -9,7 +9,6 @@ directus:
image:
repository: ghcr.io/directus/directus
tag: 11.17.1@sha256:1dd2080a50a9f6df2b6f49df15a7734424bbd1a5902983c4b6e447f22027b80b
pullPolicy: IfNotPresent
env:
- name: PUBLIC_URL
value: https://directus.alexlebens.net

1
clusters/cl01tl/helm/foldergram/values.yaml
View File

@@ -13,7 +13,6 @@ foldergram:
image:
repository: ghcr.io/foldergram/foldergram
tag: 1.1.0@sha256:b08c7f30a15a3d3e4cf0877a5271cb76be6a36ab83751f040c115ccdb76b736a
pullPolicy: IfNotPresent
env:
- name: IMAGE_DETAIL_SOURCE
value: original

10
clusters/cl01tl/helm/matrix-synapse/Chart.lock
View File

@@ -19,13 +19,13 @@ dependencies:
version: 2.4.0
- name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0
version: 7.11.1
- name: valkey
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0
version: 0.5.0
- name: valkey
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0
version: 0.5.0
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0
@@ -38,5 +38,5 @@ dependencies:
- name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0
digest: sha256:8fb2d00605ade15db97e778f47ecc1ffae3705ce3408a17e0a21f7def65de884
generated: "2026-03-24T16:59:56.540825394Z"
digest: sha256:70a7f9dc242a1102eafa0b8a5c481954793d3450eea907c7fb5fd86cb81b1bea
generated: "2026-04-03T21:00:39.545529-05:00"

19
clusters/cl01tl/helm/matrix-synapse/Chart.yaml
View File

@@ -4,20 +4,15 @@ version: 1.0.0
description: Matrix Synapse
keywords:
- matrix-synapse
- matrix
- chat
- bridge
- matrix-hookshot
- mautrix-discord
- mautrix-whatsapp
home: https://wiki.alexlebens.dev/s/bd7e7f66-136a-41b8-8144-847bacbb3059
home: https://docs.alexlebens.dev/applications/matrix-synapse/
sources:
- https://github.com/element-hq/synapse
- https://github.com/matrix-org/matrix-hookshot
- https://github.com/mautrix/discord
- https://github.com/mautrix/whatsapp
- https://github.com/cloudflare/cloudflared
- https://github.com/cloudnative-pg/cloudnative-pg
- https://github.com/rtsp/docker-lighttpd/pkgs/container/docker-lighttpd
- https://hub.docker.com/_/alpine
- https://hub.docker.com/r/halfshot/matrix-hookshot
- https://mau.dev/mautrix/discord/container_registry
- https://mau.dev/mautrix/whatsapp/container_registry
@@ -25,6 +20,8 @@ sources:
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/valkey
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/volsync-target
maintainers:
- name: alexlebens
dependencies:
@@ -53,15 +50,15 @@ dependencies:
repository: oci://harbor.alexlebens.net/helm-charts
- name: postgres-cluster
alias: postgres-18-cluster
version: 7.10.0
version: 7.11.1
repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey
alias: valkey-matrix-synapse
version: 0.4.0
version: 0.5.0
repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey
alias: valkey-hookshot
version: 0.4.0
version: 0.5.0
repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target
alias: volsync-target-synapse

42
clusters/cl01tl/helm/matrix-synapse/templates/external-secret.yaml
View File

@@ -14,17 +14,11 @@ spec:
data:
- secretKey: oidc.yaml
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/config
metadataPolicy: None
property: oidc.yaml
- secretKey: config.yaml
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/config
metadataPolicy: None
property: config.yaml
---
@@ -44,10 +38,7 @@ spec:
data:
- secretKey: signing.key
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/config
metadataPolicy: None
property: signing-key
---
@@ -67,31 +58,19 @@ spec:
data:
- secretKey: config.yml
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/hookshot
metadataPolicy: None
property: config
- secretKey: registration.yml
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/hookshot
metadataPolicy: None
property: registration
- secretKey: hookshot-registration.yaml
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/hookshot
metadataPolicy: None
property: registration
- secretKey: passkey.pem
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/hookshot
metadataPolicy: None
property: passkey
---
@@ -110,17 +89,11 @@ spec:
data:
- secretKey: config.yaml
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/mautrix-discord
metadataPolicy: None
property: config
- secretKey: mautrix-discord-registration.yaml
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/mautrix-discord
metadataPolicy: None
property: registration
---
@@ -140,17 +113,11 @@ spec:
data:
- secretKey: config.yaml
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/mautrix-whatsapp
metadataPolicy: None
property: config
- secretKey: mautrix-whatsapp-registration.yaml
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/mautrix-whatsapp
metadataPolicy: None
property: registration
---
@@ -170,10 +137,7 @@ spec:
data:
- secretKey: double-puppet-registration.yaml
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/double-puppet
metadataPolicy: None
property: registration
---
@@ -193,15 +157,9 @@ spec:
data:
- secretKey: default
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/redis
metadataPolicy: None
property: password
- secretKey: password
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/redis
metadataPolicy: None
property: password

81
clusters/cl01tl/helm/matrix-synapse/values.yaml
View File

@@ -1,4 +1,7 @@
matrix-synapse:
image:
repository: ghcr.io/element-hq/synapse
tag: v1.150.0@sha256:cba0969087ca70a3ec72ebcd1491a6c8391a7da2c0b92738231dd9c7ad55df4d
serverName: alexlebens.dev
publicServerName: matrix.alexlebens.dev
argoCD: true
@@ -77,7 +80,7 @@ matrix-synapse:
resources:
requests:
cpu: 10m
memory: 128Mi
memory: 130Mi
workers:
default:
replicaCount: 0
@@ -100,6 +103,9 @@ matrix-synapse:
client:
m.homeserver:
base_url: https://matrix.alexlebens.dev
image:
repository: ghcr.io/rtsp/docker-lighttpd
tag: 1.4.76@sha256:b4b58d217a35dbd6cade82927677de404a46fb3d2b1d5fcb42042b6a6f17b2fb
postgresql:
enabled: false
externalPostgresql:
@@ -125,6 +131,9 @@ matrix-synapse:
enabled: true
uid: 666
gid: 666
image:
repository: alpine
tag: 3.23.3@sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659
ingress:
enabled: false
gateway:
@@ -138,17 +147,15 @@ matrix-hookshot:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
containers:
main:
image:
repository: halfshot/matrix-hookshot
tag: 7.3.2
pullPolicy: IfNotPresent
tag: 7.3.2@sha256:44283e5131a1a5818bbbf6d9d1e07dccdc29ac5bb6002fcf159af6ac09cf8085
resources:
requests:
cpu: 10m
memory: 128Mi
cpu: 5m
memory: 90Mi
service:
main:
controller: main
@@ -156,19 +163,15 @@ matrix-hookshot:
webhook:
port: 9000
targetPort: 9000
protocol: HTTP
metrics:
port: 9001
targetPort: 9001
protocol: HTTP
widgets:
port: 9002
targetPort: 9002
protocol: HTTP
appservice:
port: 9993
targetPort: 9993
protocol: HTTP
serviceMonitor:
main:
selector:
@@ -220,7 +223,6 @@ matrix-hookshot:
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 500Mi
retain: true
advancedMounts:
main:
main:
@@ -235,13 +237,11 @@ mautrix-discord:
type: statefulset
replicas: 1
strategy: RollingUpdate
revisionHistoryLimit: 3
# initContainers:
# init-copy-config:
# image:
# repository: busybox
# tag: 1.37.0
# pullPolicy: IfNotPresent
# resources:
# requests:
# cpu: 10m
@@ -260,12 +260,11 @@ mautrix-discord:
main:
image:
repository: dock.mau.dev/mautrix/discord
tag: v0.7.6
pullPolicy: IfNotPresent
tag: v0.7.6@sha256:e4946b0df6a2786c88ed490e0d2692e352f1b79b9ff0e821a33764bd8bd1fffd
resources:
requests:
cpu: 10m
memory: 128Mi
cpu: 1m
memory: 40Mi
service:
main:
controller: main
@@ -273,7 +272,6 @@ mautrix-discord:
http:
port: 29334
targetPort: 29334
protocol: HTTP
persistence:
config:
enabled: true
@@ -302,7 +300,6 @@ mautrix-discord:
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 500Mi
retain: true
advancedMounts:
main:
init-copy-config:
@@ -320,13 +317,11 @@ mautrix-whatsapp:
type: statefulset
replicas: 0
strategy: RollingUpdate
revisionHistoryLimit: 3
# initContainers:
# init-copy-config:
# image:
# repository: busybox
# tag: 1.37.0
# pullPolicy: IfNotPresent
# resources:
# requests:
# cpu: 10m
@@ -345,12 +340,11 @@ mautrix-whatsapp:
main:
image:
repository: dock.mau.dev/mautrix/whatsapp
tag: v0.2602.0
pullPolicy: IfNotPresent
tag: v0.2602.0@sha256:07fca07f8746c09e6d5f486d002e638da014d0a134e053e2ed7af9875053104d
resources:
requests:
cpu: 10m
memory: 64Mi
cpu: 1m
memory: 40Mi
service:
main:
controller: main
@@ -358,7 +352,6 @@ mautrix-whatsapp:
http:
port: 29318
targetPort: 29318
protocol: HTTP
persistence:
config:
enabled: true
@@ -387,7 +380,6 @@ mautrix-whatsapp:
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 500Mi
retain: true
advancedMounts:
main:
init-copy-config:
@@ -402,10 +394,6 @@ cloudflared-hookshot:
name: hookshot
postgres-18-cluster:
mode: recovery
cluster:
resources:
requests:
cpu: 200m
recovery:
method: objectStore
objectStore:
@@ -417,42 +405,19 @@ postgres-18-cluster:
destinationBucket: postgres-backups
externalSecretCredentialPath: /garage/home-infra/postgres-backups
isWALArchiver: true
# - name: garage-remote
# index: 1
# destinationBucket: postgres-backups
# externalSecretCredentialPath: /garage/home-infra/postgres-backups
# retentionPolicy: "90d"
# data:
# compression: bzip2
# - name: external
# index: 1
# endpointURL: https://nyc3.digitaloceanspaces.com
# destinationBucket: postgres-backups-ce540ddf106d186bbddca68a
# externalSecretCredentialPath: /garage/home-infra/postgres-backups
# isWALArchiver: false
scheduledBackups:
- name: live-backup
suspend: false
immediate: true
schedule: "0 0 15 * * *"
backupName: garage-local
# - name: weekly-backup
# suspend: true
# immediate: true
# schedule: "0 0 4 * * SAT"
# backupName: garage-remote
# - name: daily-backup
# suspend: true
# immediate: true
# schedule: "0 0 0 * * *"
# backupName: external
databases:
- name: mautrix-discord
ensure: present
owner: app
- name: mautrix-whatsapp
ensure: present
owner: app
# - name: mautrix-whatsapp
# ensure: present
# owner: app
valkey-matrix-synapse:
valkey:
auth:
@@ -461,6 +426,8 @@ valkey-matrix-synapse:
aclUsers:
default:
permissions: "~* &* +@all"
# No option to configure metrics when auth is enabled
# https://github.com/valkey-io/valkey-helm/issues/135
metrics:
enabled: false
valkey-hookshot: