diff --git a/charts/matrix-synapse/templates/deployment.yaml b/charts/matrix-synapse/templates/deployment.yaml index f89cddc..cb0e7b4 100644 --- a/charts/matrix-synapse/templates/deployment.yaml +++ b/charts/matrix-synapse/templates/deployment.yaml @@ -1,9 +1,9 @@ {{- $needsVolumePermissions := and .Values.volumePermissions.enabled (or .Values.persistence.enabled .Values.persistence.existingClaim) }} -{{- if (and .Values.postgresql.enabled (not .Values.postgresql.postgresqlPassword)) -}} -{{- fail "You must specify a static postgres password if using the included postgres chart" -}} +{{- if (and .Values.postgresql.enabled (and (not .Values.postgresql.postgresqlPassword) (not .Values.postgresql.existingSecret))) -}} +{{- fail "You must specify a static postgres password or existing secret if using the included postgres chart" -}} {{- end -}} -{{- if (and .Values.redis.enabled (and .Values.redis.usePassword (not .Values.redis.password))) -}} -{{- fail "You must specify a static redis password if using the included redis chart" -}} +{{- if (and .Values.redis.enabled (and .Values.redis.usePassword (and (not .Values.redis.password) (not .Values.redis.existingSecret)))) -}} +{{- fail "You must specify a static redis password or existing secret if using the included redis chart" -}} {{- end -}} --- # Server: {{ required "A valid serverName is required" .Values.serverName }} @@ -86,7 +86,7 @@ spec: - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: - name: {{ include "matrix-synapse.postgresql.fullname" . }} + name: {{ .Values.postgresql.existingSecret | default (include "matrix-synapse.postgresql.fullname" .) }} key: postgresql-password {{- end }} {{- $redisPass := include "matrix-synapse.redis.password" . }} @@ -94,7 +94,7 @@ spec: - name: REDIS_PASSWORD valueFrom: secretKeyRef: - name: {{ include "matrix-synapse.redis.fullname" . }} + name: {{ .Values.redis.existingSecret | default (include "matrix-synapse.redis.fullname" .) }} key: redis-password {{- end }} {{- with .Values.synapse.extraEnv }} diff --git a/charts/matrix-synapse/templates/worker-deployment.yaml b/charts/matrix-synapse/templates/worker-deployment.yaml index 7ea7cd9..fcbb2ba 100644 --- a/charts/matrix-synapse/templates/worker-deployment.yaml +++ b/charts/matrix-synapse/templates/worker-deployment.yaml @@ -87,14 +87,14 @@ spec: - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: - name: {{ include "matrix-synapse.postgresql.fullname" $ }} + name: {{ $.Values.postgresql.existingSecret | default (include "matrix-synapse.postgresql.fullname" $) }} key: postgresql-password {{- end }} {{- if and $.Values.redis.enabled (default $.Values.redis.usePassword true) }} - name: REDIS_PASSWORD valueFrom: secretKeyRef: - name: {{ include "matrix-synapse.redis.fullname" $ }} + name: {{ $.Values.redis.existingSecret | default (include "matrix-synapse.redis.fullname" $) }} key: redis-password {{- end }} {{- with $config.extraEnv | default $default.extraEnv }} diff --git a/charts/matrix-synapse/values.yaml b/charts/matrix-synapse/values.yaml index c698e4c..8328703 100644 --- a/charts/matrix-synapse/values.yaml +++ b/charts/matrix-synapse/values.yaml @@ -592,6 +592,11 @@ postgresql: # XXX Change me! postgresqlPassword: synapse + ## Or use existing secret with "postgresql-password" key + ## instead of static password + ## + # existingSecret: postgresql-secret + postgresqlUsername: synapse postgresqlDatabase: synapse @@ -629,10 +634,15 @@ externalPostgresql: redis: enabled: true - # XXX Change me! usePassword: true + # XXX Change me! password: synapse + ## Or use existing secret with "redis-password" key + ## instead of static password + ## + # existingSecret: redis-secret + cluster: enabled: false master: