infrastructure/clusters/cl01tl/platform/matrix-synapse/values.yaml

matrix-synapse:
  serverName: alexlebens.dev
  publicServerName: matrix.alexlebens.dev
  argoCD: true
  signingkey:
    job:
      enabled: false
  config:
    reportStats: false
    enableRegistration: true
    trustedKeyServers: []
  extraConfig:
    enable_metrics: true
    enable_registration_without_verification: false
    password_config:
      enabled: false
    sso:
      client_whitelist:
        - https://chat.alexlebens.dev/
      update_profile_information: true
  synapse:
    strategy:
      type: Recreate
    extraVolumes:
      - name: matrix-synapse-config-secret
        secret:
          secretName: matrix-synapse-config-secret
      - name: matrix-hookshot-config-secret
        secret:
          secretName: matrix-hookshot-config-secret
      - name: mautrix-discord-config-secret
        secret:
          secretName: mautrix-discord-config-secret
      - name: mautrix-whatsapp-config-secret
        secret:
          secretName: mautrix-whatsapp-config-secret          
    extraVolumeMounts:
      - name: matrix-synapse-config-secret
        mountPath: /synapse/config/conf.d/oidc.yaml
        subPath: oidc.yaml
        readOnly: true
      - name: matrix-synapse-config-secret
        mountPath: /synapse/config/conf.d/config.yaml
        subPath: config.yaml
        readOnly: true
      - name: matrix-hookshot-config-secret
        mountPath: /synapse/config/conf.d/hookshot-registration.yaml
        subPath: hookshot-registration.yaml
        readOnly: true
      - name: mautrix-discord-config-secret
        mountPath: /synapse/config/conf.d/mautrix-discord-registration.yaml
        subPath: mautrix-discord-registration.yaml
        readOnly: true
      - name: mautrix-whatsapp-config-secret
        mountPath: /synapse/config/conf.d/mautrix-whatsapp-registration.yaml
        subPath: mautrix-whatsapp-registration.yaml
        readOnly: true        
    resources:
      requests:
        cpu: 100m
        memory: 128Mi
  workers:
    default:
      replicaCount: 0
    generic_worker:
      enabled: false
    pusher:
      enabled: false
    appservice:
      enabled: false
    federation_sender:
      enabled: false
    media_repository:
      enabled: false
    user_dir:
      enabled: false
  wellknown:
    enabled: true
    server:
      m.server: matrix.alexlebens.dev:443
    client:
      m.homeserver:
        base_url: https://matrix.alexlebens.dev
  postgresql:
    enabled: false
  externalPostgresql:
    host: matrix-synapse-postgresql-16-cluster-rw
    port: 5432
    username: app
    database: app
    existingSecret: matrix-synapse-postgresql-16-cluster-app
    existingSecretPasswordKey: password
  redis:
    enabled: false
  externalRedis:
    host: matrix-synapse-redis-headless
    port: 6379
    existingSecret: matrix-synapse-redis-secret
    existingSecretPasswordKey: password
  persistence:
    enabled: true
    storageClass: ceph-block
    accessMode: ReadWriteOnce
    size: 10Gi
  volumePermissions:
    enabled: true
    uid: 666
    gid: 666
  ingress:
    enabled: false
matrix-hookshot:
  deployment:
    resources:
      requests:
        cpu: 100m
        memory: 128Mi
  ingress:
    webhook:
      enabled: false
    appservice:
      enabled: false
  metrics:
    enabled: true
    serviceMonitor:
      enabled: true
  hookshot:
    existingSecret: matrix-hookshot-config-secret
    existingRegistrationSecret: matrix-hookshot-config-secret
    existingPasskeySecret: matrix-hookshot-config-secret
mautrix-discord:
  deployment:
    resources:
      requests:
        cpu: 100m
        memory: 128Mi
  ingress:
    enabled: false
  persistence:
    enabled: ture
    storageClass: ceph-block
    size: 500Mi
  mautrixDiscord:
    existingSecret: mautrix-discord-config-secret
mautrix-whatsapp:
  deployment:
    resources:
      requests:
        cpu: 100m
        memory: 128Mi
  ingress:
    enabled: false
  persistence:
    enabled: ture
    storageClass: ceph-block
    size: 500Mi
  mautrixWhatsapp:
    existingSecret: mautrix-whatsapp-config-secret    
redis:
  architecture: standalone
  auth:
    enabled: true
    existingSecret: matrix-synapse-redis-secret
    existingSecretPasswordKey: password
  master:
    persistence:
      enabled: false
  replica:
    persistence:
      enabled: false
postgres-16-cluster:
  mode: recovery
  cluster:
    walStorage:
      storageClass: local-path
    storage:
      storageClass: local-path
    monitoring:
      enabled: true
      prometheusRule:
        enabled: false
  recovery:
    endpointURL: https://s3.us-east-2.amazonaws.com
    destinationPath: s3://cl01tl-postgresql-backups/matrix-synapse
    endpointCredentials: matrix-synapse-postgresql-16-cluster-backup-secret
    recoveryIndex: 1
  backup:
    enabled: false
    endpointURL: https://s3.us-east-2.amazonaws.com
    destinationPath: s3://cl01tl-postgresql-backups/matrix-synapse
    endpointCredentials: matrix-synapse-postgresql-16-cluster-backup-secret
    backupIndex: 2
    retentionPolicy: 14d
cloudflared-synapse:
  name: cloudflared-synapse
  existingSecretName: matrix-synapse-cloudflared-synapse-secret
cloudflared-hookshot:
  name: cloudflared-hookshot
  existingSecretName: matrix-synapse-cloudflared-hookshot-secret