alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 7 Actions Activity

feat: refactor matrix

Browse Source
This commit is contained in:
Alex Lebens
2026-04-03 21:03:54 -05:00
parent ef94c6e275
commit 617f459f83
6 changed files with 37 additions and 117 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
clusters/cl01tl/helm/directus/values.yaml
View File

@@ -9,7 +9,6 @@ directus:
image: image:
repository: ghcr.io/directus/directus repository: ghcr.io/directus/directus
tag: 11.17.1@sha256:1dd2080a50a9f6df2b6f49df15a7734424bbd1a5902983c4b6e447f22027b80b tag: 11.17.1@sha256:1dd2080a50a9f6df2b6f49df15a7734424bbd1a5902983c4b6e447f22027b80b
pullPolicy: IfNotPresent
env: env:
- name: PUBLIC_URL - name: PUBLIC_URL
value: https://directus.alexlebens.net value: https://directus.alexlebens.net

1
clusters/cl01tl/helm/foldergram/values.yaml
View File

@@ -13,7 +13,6 @@ foldergram:
image: image:
repository: ghcr.io/foldergram/foldergram repository: ghcr.io/foldergram/foldergram
tag: 1.1.0@sha256:b08c7f30a15a3d3e4cf0877a5271cb76be6a36ab83751f040c115ccdb76b736a tag: 1.1.0@sha256:b08c7f30a15a3d3e4cf0877a5271cb76be6a36ab83751f040c115ccdb76b736a
pullPolicy: IfNotPresent
env: env:
- name: IMAGE_DETAIL_SOURCE - name: IMAGE_DETAIL_SOURCE
value: original value: original

10
clusters/cl01tl/helm/matrix-synapse/Chart.lock
View File

@@ -19,13 +19,13 @@ dependencies:
version: 2.4.0 version: 2.4.0
- name: postgres-cluster - name: postgres-cluster
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 7.10.0 version: 7.11.1
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.5.0
- name: valkey - name: valkey
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.4.0 version: 0.5.0
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
@@ -38,5 +38,5 @@ dependencies:
- name: volsync-target - name: volsync-target
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
version: 0.8.0 version: 0.8.0
digest: sha256:8fb2d00605ade15db97e778f47ecc1ffae3705ce3408a17e0a21f7def65de884 digest: sha256:70a7f9dc242a1102eafa0b8a5c481954793d3450eea907c7fb5fd86cb81b1bea
generated: "2026-03-24T16:59:56.540825394Z" generated: "2026-04-03T21:00:39.545529-05:00"

19
clusters/cl01tl/helm/matrix-synapse/Chart.yaml
View File

@@ -4,20 +4,15 @@ version: 1.0.0
description: Matrix Synapse description: Matrix Synapse
keywords: keywords:
- matrix-synapse - matrix-synapse
- matrix
- chat - chat
- bridge home: https://docs.alexlebens.dev/applications/matrix-synapse/
- matrix-hookshot
- mautrix-discord
- mautrix-whatsapp
home: https://wiki.alexlebens.dev/s/bd7e7f66-136a-41b8-8144-847bacbb3059
sources: sources:
- https://github.com/element-hq/synapse - https://github.com/element-hq/synapse
- https://github.com/matrix-org/matrix-hookshot - https://github.com/matrix-org/matrix-hookshot
- https://github.com/mautrix/discord - https://github.com/mautrix/discord
- https://github.com/mautrix/whatsapp - https://github.com/mautrix/whatsapp
- https://github.com/cloudflare/cloudflared - https://github.com/rtsp/docker-lighttpd/pkgs/container/docker-lighttpd
- https://github.com/cloudnative-pg/cloudnative-pg - https://hub.docker.com/_/alpine
- https://hub.docker.com/r/halfshot/matrix-hookshot - https://hub.docker.com/r/halfshot/matrix-hookshot
- https://mau.dev/mautrix/discord/container_registry - https://mau.dev/mautrix/discord/container_registry
- https://mau.dev/mautrix/whatsapp/container_registry - https://mau.dev/mautrix/whatsapp/container_registry
@@ -25,6 +20,8 @@ sources:
- https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template - https://github.com/bjw-s-labs/helm-charts/tree/main/charts/other/app-template
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared - https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/cloudflared
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster - https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/postgres-cluster
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/valkey
- https://gitea.alexlebens.dev/alexlebens/helm-charts/src/branch/main/charts/volsync-target
maintainers: maintainers:
- name: alexlebens - name: alexlebens
dependencies: dependencies:
@@ -53,15 +50,15 @@ dependencies:
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: postgres-cluster - name: postgres-cluster
alias: postgres-18-cluster alias: postgres-18-cluster
version: 7.10.0 version: 7.11.1
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey-matrix-synapse alias: valkey-matrix-synapse
version: 0.4.0 version: 0.5.0
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: valkey - name: valkey
alias: valkey-hookshot alias: valkey-hookshot
version: 0.4.0 version: 0.5.0
repository: oci://harbor.alexlebens.net/helm-charts repository: oci://harbor.alexlebens.net/helm-charts
- name: volsync-target - name: volsync-target
alias: volsync-target-synapse alias: volsync-target-synapse

42
clusters/cl01tl/helm/matrix-synapse/templates/external-secret.yaml
View File

@@ -14,17 +14,11 @@ spec:
data: data:
- secretKey: oidc.yaml - secretKey: oidc.yaml
remoteRef: remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/config key: /cl01tl/matrix-synapse/config
metadataPolicy: None
property: oidc.yaml property: oidc.yaml
- secretKey: config.yaml - secretKey: config.yaml
remoteRef: remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/config key: /cl01tl/matrix-synapse/config
metadataPolicy: None
property: config.yaml property: config.yaml
--- ---
@@ -44,10 +38,7 @@ spec:
data: data:
- secretKey: signing.key - secretKey: signing.key
remoteRef: remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/config key: /cl01tl/matrix-synapse/config
metadataPolicy: None
property: signing-key property: signing-key
--- ---
@@ -67,31 +58,19 @@ spec:
data: data:
- secretKey: config.yml - secretKey: config.yml
remoteRef: remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/hookshot key: /cl01tl/matrix-synapse/hookshot
metadataPolicy: None
property: config property: config
- secretKey: registration.yml - secretKey: registration.yml
remoteRef: remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/hookshot key: /cl01tl/matrix-synapse/hookshot
metadataPolicy: None
property: registration property: registration
- secretKey: hookshot-registration.yaml - secretKey: hookshot-registration.yaml
remoteRef: remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/hookshot key: /cl01tl/matrix-synapse/hookshot
metadataPolicy: None
property: registration property: registration
- secretKey: passkey.pem - secretKey: passkey.pem
remoteRef: remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/hookshot key: /cl01tl/matrix-synapse/hookshot
metadataPolicy: None
property: passkey property: passkey
--- ---
@@ -110,17 +89,11 @@ spec:
data: data:
- secretKey: config.yaml - secretKey: config.yaml
remoteRef: remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/mautrix-discord key: /cl01tl/matrix-synapse/mautrix-discord
metadataPolicy: None
property: config property: config
- secretKey: mautrix-discord-registration.yaml - secretKey: mautrix-discord-registration.yaml
remoteRef: remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/mautrix-discord key: /cl01tl/matrix-synapse/mautrix-discord
metadataPolicy: None
property: registration property: registration
--- ---
@@ -140,17 +113,11 @@ spec:
data: data:
- secretKey: config.yaml - secretKey: config.yaml
remoteRef: remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/mautrix-whatsapp key: /cl01tl/matrix-synapse/mautrix-whatsapp
metadataPolicy: None
property: config property: config
- secretKey: mautrix-whatsapp-registration.yaml - secretKey: mautrix-whatsapp-registration.yaml
remoteRef: remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/mautrix-whatsapp key: /cl01tl/matrix-synapse/mautrix-whatsapp
metadataPolicy: None
property: registration property: registration
--- ---
@@ -170,10 +137,7 @@ spec:
data: data:
- secretKey: double-puppet-registration.yaml - secretKey: double-puppet-registration.yaml
remoteRef: remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/double-puppet key: /cl01tl/matrix-synapse/double-puppet
metadataPolicy: None
property: registration property: registration
--- ---
@@ -193,15 +157,9 @@ spec:
data: data:
- secretKey: default - secretKey: default
remoteRef: remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/redis key: /cl01tl/matrix-synapse/redis
metadataPolicy: None
property: password property: password
- secretKey: password - secretKey: password
remoteRef: remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /cl01tl/matrix-synapse/redis key: /cl01tl/matrix-synapse/redis
metadataPolicy: None
property: password property: password

81
clusters/cl01tl/helm/matrix-synapse/values.yaml
View File

@@ -1,4 +1,7 @@
matrix-synapse: matrix-synapse:
image:
repository: ghcr.io/element-hq/synapse
tag: v1.150.0@sha256:cba0969087ca70a3ec72ebcd1491a6c8391a7da2c0b92738231dd9c7ad55df4d
serverName: alexlebens.dev serverName: alexlebens.dev
publicServerName: matrix.alexlebens.dev publicServerName: matrix.alexlebens.dev
argoCD: true argoCD: true
@@ -77,7 +80,7 @@ matrix-synapse:
resources: resources:
requests: requests:
cpu: 10m cpu: 10m
memory: 128Mi memory: 130Mi
workers: workers:
default: default:
replicaCount: 0 replicaCount: 0
@@ -100,6 +103,9 @@ matrix-synapse:
client: client:
m.homeserver: m.homeserver:
base_url: https://matrix.alexlebens.dev base_url: https://matrix.alexlebens.dev
image:
repository: ghcr.io/rtsp/docker-lighttpd
tag: 1.4.76@sha256:b4b58d217a35dbd6cade82927677de404a46fb3d2b1d5fcb42042b6a6f17b2fb
postgresql: postgresql:
enabled: false enabled: false
externalPostgresql: externalPostgresql:
@@ -125,6 +131,9 @@ matrix-synapse:
enabled: true enabled: true
uid: 666 uid: 666
gid: 666 gid: 666
image:
repository: alpine
tag: 3.23.3@sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659
ingress: ingress:
enabled: false enabled: false
gateway: gateway:
@@ -138,17 +147,15 @@ matrix-hookshot:
type: deployment type: deployment
replicas: 1 replicas: 1
strategy: Recreate strategy: Recreate
revisionHistoryLimit: 3
containers: containers:
main: main:
image: image:
repository: halfshot/matrix-hookshot repository: halfshot/matrix-hookshot
tag: 7.3.2 tag: 7.3.2@sha256:44283e5131a1a5818bbbf6d9d1e07dccdc29ac5bb6002fcf159af6ac09cf8085
pullPolicy: IfNotPresent
resources: resources:
requests: requests:
cpu: 10m cpu: 5m
memory: 128Mi memory: 90Mi
service: service:
main: main:
controller: main controller: main
@@ -156,19 +163,15 @@ matrix-hookshot:
webhook: webhook:
port: 9000 port: 9000
targetPort: 9000 targetPort: 9000
protocol: HTTP
metrics: metrics:
port: 9001 port: 9001
targetPort: 9001 targetPort: 9001
protocol: HTTP
widgets: widgets:
port: 9002 port: 9002
targetPort: 9002 targetPort: 9002
protocol: HTTP
appservice: appservice:
port: 9993 port: 9993
targetPort: 9993 targetPort: 9993
protocol: HTTP
serviceMonitor: serviceMonitor:
main: main:
selector: selector:
@@ -220,7 +223,6 @@ matrix-hookshot:
storageClass: ceph-block storageClass: ceph-block
accessMode: ReadWriteOnce accessMode: ReadWriteOnce
size: 500Mi size: 500Mi
retain: true
advancedMounts: advancedMounts:
main: main:
main: main:
@@ -235,13 +237,11 @@ mautrix-discord:
type: statefulset type: statefulset
replicas: 1 replicas: 1
strategy: RollingUpdate strategy: RollingUpdate
revisionHistoryLimit: 3
# initContainers: # initContainers:
# init-copy-config: # init-copy-config:
# image: # image:
# repository: busybox # repository: busybox
# tag: 1.37.0 # tag: 1.37.0
# pullPolicy: IfNotPresent
# resources: # resources:
# requests: # requests:
# cpu: 10m # cpu: 10m
@@ -260,12 +260,11 @@ mautrix-discord:
main: main:
image: image:
repository: dock.mau.dev/mautrix/discord repository: dock.mau.dev/mautrix/discord
tag: v0.7.6 tag: v0.7.6@sha256:e4946b0df6a2786c88ed490e0d2692e352f1b79b9ff0e821a33764bd8bd1fffd
pullPolicy: IfNotPresent
resources: resources:
requests: requests:
cpu: 10m cpu: 1m
memory: 128Mi memory: 40Mi
service: service:
main: main:
controller: main controller: main
@@ -273,7 +272,6 @@ mautrix-discord:
http: http:
port: 29334 port: 29334
targetPort: 29334 targetPort: 29334
protocol: HTTP
persistence: persistence:
config: config:
enabled: true enabled: true
@@ -302,7 +300,6 @@ mautrix-discord:
storageClass: ceph-block storageClass: ceph-block
accessMode: ReadWriteOnce accessMode: ReadWriteOnce
size: 500Mi size: 500Mi
retain: true
advancedMounts: advancedMounts:
main: main:
init-copy-config: init-copy-config:
@@ -320,13 +317,11 @@ mautrix-whatsapp:
type: statefulset type: statefulset
replicas: 0 replicas: 0
strategy: RollingUpdate strategy: RollingUpdate
revisionHistoryLimit: 3
# initContainers: # initContainers:
# init-copy-config: # init-copy-config:
# image: # image:
# repository: busybox # repository: busybox
# tag: 1.37.0 # tag: 1.37.0
# pullPolicy: IfNotPresent
# resources: # resources:
# requests: # requests:
# cpu: 10m # cpu: 10m
@@ -345,12 +340,11 @@ mautrix-whatsapp:
main: main:
image: image:
repository: dock.mau.dev/mautrix/whatsapp repository: dock.mau.dev/mautrix/whatsapp
tag: v0.2602.0 tag: v0.2602.0@sha256:07fca07f8746c09e6d5f486d002e638da014d0a134e053e2ed7af9875053104d
pullPolicy: IfNotPresent
resources: resources:
requests: requests:
cpu: 10m cpu: 1m
memory: 64Mi memory: 40Mi
service: service:
main: main:
controller: main controller: main
@@ -358,7 +352,6 @@ mautrix-whatsapp:
http: http:
port: 29318 port: 29318
targetPort: 29318 targetPort: 29318
protocol: HTTP
persistence: persistence:
config: config:
enabled: true enabled: true
@@ -387,7 +380,6 @@ mautrix-whatsapp:
storageClass: ceph-block storageClass: ceph-block
accessMode: ReadWriteOnce accessMode: ReadWriteOnce
size: 500Mi size: 500Mi
retain: true
advancedMounts: advancedMounts:
main: main:
init-copy-config: init-copy-config:
@@ -402,10 +394,6 @@ cloudflared-hookshot:
name: hookshot name: hookshot
postgres-18-cluster: postgres-18-cluster:
mode: recovery mode: recovery
cluster:
resources:
requests:
cpu: 200m
recovery: recovery:
method: objectStore method: objectStore
objectStore: objectStore:
@@ -417,42 +405,19 @@ postgres-18-cluster:
destinationBucket: postgres-backups destinationBucket: postgres-backups
externalSecretCredentialPath: /garage/home-infra/postgres-backups externalSecretCredentialPath: /garage/home-infra/postgres-backups
isWALArchiver: true isWALArchiver: true
# - name: garage-remote
# index: 1
# destinationBucket: postgres-backups
# externalSecretCredentialPath: /garage/home-infra/postgres-backups
# retentionPolicy: "90d"
# data:
# compression: bzip2
# - name: external
# index: 1
# endpointURL: https://nyc3.digitaloceanspaces.com
# destinationBucket: postgres-backups-ce540ddf106d186bbddca68a
# externalSecretCredentialPath: /garage/home-infra/postgres-backups
# isWALArchiver: false
scheduledBackups: scheduledBackups:
- name: live-backup - name: live-backup
suspend: false suspend: false
immediate: true immediate: true
schedule: "0 0 15 * * *" schedule: "0 0 15 * * *"
backupName: garage-local backupName: garage-local
# - name: weekly-backup
# suspend: true
# immediate: true
# schedule: "0 0 4 * * SAT"
# backupName: garage-remote
# - name: daily-backup
# suspend: true
# immediate: true
# schedule: "0 0 0 * * *"
# backupName: external
databases: databases:
- name: mautrix-discord - name: mautrix-discord
ensure: present ensure: present
owner: app owner: app
- name: mautrix-whatsapp # - name: mautrix-whatsapp
ensure: present # ensure: present
owner: app # owner: app
valkey-matrix-synapse: valkey-matrix-synapse:
valkey: valkey:
auth: auth:
@@ -461,6 +426,8 @@ valkey-matrix-synapse:
aclUsers: aclUsers:
default: default:
permissions: "~* &* +@all" permissions: "~* &* +@all"
# No option to configure metrics when auth is enabled
# https://github.com/valkey-io/valkey-helm/issues/135
metrics: metrics:
enabled: false enabled: false
valkey-hookshot: valkey-hookshot: