pub/charts
1
0
Fork 0
Code Issues Pull requests Releases Packages 19 Activity Actions

Merge branch 'master' of ssh://gitlab.com/ananace/charts into allow-probe-customisation

Browse source
This commit is contained in:
Florian Piesche 2021-03-23 23:13:12 +00:00
commit 60c7c44ef1
No known key found for this signature in database
GPG key ID: CF7283FB896221F3
30 changed files with 248 additions and 74 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
.gitignore vendored Normal file
View file

@ -0,0 +1,3 @@
# Helm resources
charts/*/charts/*.tgz
charts/*/Chart.lock

4
.gitlab-ci.yml
View file

@ -16,6 +16,10 @@ pages:
name: codenest/helm name: codenest/helm
entrypoint: ["/bin/sh", "-c"] entrypoint: ["/bin/sh", "-c"]
stage: deploy stage: deploy
before_script:
- grep 'repository:' charts/*/Chart.yaml charts/*/requirements.yaml | awk '{ print $3 }' | uniq | xargs -rn1 sh -c 'helm repo add $(basename $0) $0'
- helm repo update
- ls -d1 charts/* | xargs -rn1 helm dependency build --skip-refresh
script: script:
- mkdir -p public - mkdir -p public
- "echo \"User-Agent: *\nDisallow: /\" > ./public/robots.txt" - "echo \"User-Agent: *\nDisallow: /\" > ./public/robots.txt"

4
charts/element-web/Chart.yaml
View file

@ -7,10 +7,10 @@ description: |
Talk to everyone through the open global Matrix network, protected by proper Talk to everyone through the open global Matrix network, protected by proper
end-to-end encryption. end-to-end encryption.
icon: https://element.io/images/element-logo.svg icon: https://element.io/images/element-logo.svg
appVersion: 1.7.22 appVersion: 1.7.23
type: application type: application
version: 1.0.17 version: 1.0.18
maintainers: maintainers:
- name: Alexander Olofsson - name: Alexander Olofsson

12
charts/funkwhale/Chart.yaml
View file

@ -1,7 +1,13 @@
--- ---
apiVersion: v1 apiVersion: v2
appVersion: "1.0.1" appVersion: "1.1"
description: A social platform to enjoy and share music description: A social platform to enjoy and share music
icon: https://funkwhale.audio/favicon.png icon: https://funkwhale.audio/favicon.png
name: funkwhale name: funkwhale
version: 0.3.6 version: 0.3.7
dependencies:
- name: redis
version: ~10.6.10
repository: https://charts.bitnami.com/bitnami
condition: redis.enabled

BIN
charts/funkwhale/charts/redis-10.6.10.tgz
View file

Binary file not shown.

6
charts/funkwhale/requirements.lock
View file

@ -1,6 +0,0 @@
dependencies:
- name: redis
repository: https://charts.bitnami.com/bitnami
version: 10.6.10
digest: sha256:5a929e0124864ab7fbe29c01fcbe1a23e4532dd0912abcb8bc185fff5f4e65f3
generated: "2020-04-24T11:47:31.68381778+02:00"

4
charts/funkwhale/requirements.yaml
View file

@ -1,4 +0,0 @@
dependencies:
- name: redis
version: ~10.6.10
repository: https://charts.bitnami.com/bitnami

16
charts/funkwhale/templates/_helpers.tpl
View file

@ -10,10 +10,6 @@ Expand the name of the chart.
postgres://{{ .Values.database.user }}:{{ .Values.database.password }}@{{ .Values.database.host }}:{{ .Values.database.port }}/{{ .Values.database.database }} postgres://{{ .Values.database.user }}:{{ .Values.database.password }}@{{ .Values.database.host }}:{{ .Values.database.port }}/{{ .Values.database.database }}
{{- end -}} {{- end -}}
{{- define "funkwhale.redisUrl" -}}
redis://:{{ .Values.redis.password }}@{{ .Values.redis.host }}:{{ .Values.redis.redisPort }}/0
{{- end -}}
{{/* {{/*
Create a default fully qualified app name. Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
@ -45,3 +41,15 @@ Create the correct image tag name
{{- define "funkwhale.imageTag" -}} {{- define "funkwhale.imageTag" -}}
{{- .Values.image.tag | default .Chart.AppVersion -}} {{- .Values.image.tag | default .Chart.AppVersion -}}
{{- end -}} {{- end -}}
{{- define "funkwhale.redisUrl" -}}
{{- if and .Values.redis.enabled .Values.redis.host -}}
{{ fail "Setting both redis.enabled and redis.host will deploy an internal Redis service and attempt to use an external one - please set only one of the two!" }}
{{- else if .Values.redis.enabled -}}
redis://:{{ .Values.redis.password }}@{{ template "funkwhale.fullname" . }}-redis-master:{{ .Values.redis.redisPort }}/0
{{- else if .Values.redis.host -}}
redis://:{{ .Values.redis.password }}@{{ .Values.redis.host }}:{{ .Values.redis.redisPort }}/0
{{- else -}}
{{ fail "Either redis.enabled or redis.host are required!" }}
{{- end -}}
{{- end -}}

8
charts/funkwhale/templates/secret.yaml
View file

@ -1,3 +1,5 @@
{{- $secret := (lookup "v1" "Secret" .Release.Namespace (include "funkwhale.fullname" .)) -}}
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret
metadata: metadata:
@ -10,7 +12,11 @@ metadata:
data: data:
CACHE_URL: {{ include "funkwhale.redisUrl" . | b64enc }} CACHE_URL: {{ include "funkwhale.redisUrl" . | b64enc }}
DATABASE_URL: {{ include "funkwhale.dbUrl" . | b64enc }} DATABASE_URL: {{ include "funkwhale.dbUrl" . | b64enc }}
DJANGO_SECRET_KEY: {{ .Values.djangoSecret | b64enc }} {{ if $secret -}}
DJANGO_SECRET_KEY: {{ $secret.data.DJANGO_SECRET_KEY }}
{{ else -}}
DJANGO_SECRET_KEY: {{ (.Values.djangoSecret | default uuidv4) | b64enc }}
{{ end }}
{{- range $key, $val := .Values.extraSecret }} {{- range $key, $val := .Values.extraSecret }}
{{ $key }}: {{ $val | b64enc }} {{ $key }}: {{ $val | b64enc }}

11
charts/funkwhale/values.yaml
View file

@ -47,6 +47,14 @@ database:
database: funkwhale database: funkwhale
redis: redis:
# If you already have a Redis service you'd like to use, set
# this to false and adjust the host to use your existing service.
enabled: true
host: ''
redisPort: 6379
password: 'funkwhale'
cluster: cluster:
enabled: false enabled: false
master: master:
@ -55,9 +63,6 @@ redis:
slave: slave:
persistence: persistence:
enabled: false enabled: false
password: funkwhale
redisPort: 6379
host: {{ template "funkwhale.fullname" . }}-redis-master
djangoSecret: '' djangoSecret: ''

4
charts/matrix-media-repo/Chart.yaml
View file

@ -2,10 +2,10 @@
apiVersion: v2 apiVersion: v2
name: matrix-media-repo name: matrix-media-repo
description: Matrix media repository with multi-domain in mind. description: Matrix media repository with multi-domain in mind.
appVersion: 1.2.4 appVersion: 1.2.5
type: application type: application
version: 1.0.2 version: 1.0.3
maintainers: maintainers:
- name: Alexander Olofsson - name: Alexander Olofsson
email: ace@haxalot.com email: ace@haxalot.com

BIN
charts/matrix-media-repo/charts/postgresql-8.9.9.tgz
View file

Binary file not shown.

3
charts/matrix-media-repo/values.yaml
View file

@ -43,6 +43,9 @@ config:
# featureSupport: # featureSupport:
# MSC2448: # MSC2448:
# enabled: true # enabled: true
# sentry:
# enabled: true
# dsn: "https://examplekey@ingest.sentry.io/0"
## For setting extra parameters on the repo block, separated to avoid breaking ## For setting extra parameters on the repo block, separated to avoid breaking
## the defaults when merging multiple configurations. ## the defaults when merging multiple configurations.

4
charts/matrix-synapse/Chart.yaml
View file

@ -3,10 +3,10 @@ apiVersion: v2
name: matrix-synapse name: matrix-synapse
description: Matrix reference homeserver description: Matrix reference homeserver
icon: https://matrix.org/images/matrix-logo.svg icon: https://matrix.org/images/matrix-logo.svg
appVersion: 1.29.0 appVersion: 1.30.0
type: application type: application
version: 1.4.1 version: 2.0.1
maintainers: maintainers:
- name: Alexander Olofsson - name: Alexander Olofsson
email: ace@haxalot.com email: ace@haxalot.com

BIN
charts/matrix-synapse/charts/postgresql-8.9.9.tgz
View file

Binary file not shown.

BIN
charts/matrix-synapse/charts/redis-10.6.19.tgz
View file

Binary file not shown.

41
charts/matrix-synapse/scripts/signing-key.sh Normal file
View file

@ -0,0 +1,41 @@
#!/bin/sh
set -eu
check_key() {
set +e
echo "Checking for existing signing key..."
key="$(kubectl get secret "$SECRET_NAME" -o jsonpath="{.data['signing\.key']}" 2> /dev/null)"
[ $? -ne 0 ] && return 1
[ -z "$key" ] && return 2
return 0
}
create_key() {
echo "Waiting for new signing key to be generated..."
begin=$(date +%s)
end=$((begin + 300)) # 5 minutes
while true; do
[ -f /synapse/keys/signing.key ] && return 0
[ "$(date +%s)" -gt $end ] && return 1
sleep 5
done
}
store_key() {
echo "Storing signing key in Kubernetes secret..."
kubectl patch secret "$SECRET_NAME" -p "{\"data\":{\"signing.key\":\"$(base64 /synapse/keys/signing.key | tr -d '\n')\"}}"
}
if check_key; then
echo "Key already in place, exiting."
exit
fi
if ! create_key; then
echo "Timed out waiting for a signing key to appear."
exit 1
fi
store_key

2
charts/matrix-synapse/templates/_helpers.tpl
View file

@ -59,7 +59,7 @@ Create chart name and version as used by the chart label.
Get the correct image tag name Get the correct image tag name
*/}} */}}
{{- define "matrix-synapse.imageTag" -}} {{- define "matrix-synapse.imageTag" -}}
{{- .Values.image.tag | default (printf "%s" .Chart.AppVersion) -}} {{- .Values.image.tag | default (printf "v%s" .Chart.AppVersion) -}}
{{- end -}} {{- end -}}
{{/* {{/*

9
charts/matrix-synapse/templates/configuration-scripts.yaml Normal file
View file

@ -0,0 +1,9 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "matrix-synapse.fullname" . }}-scripts
labels:
{{- include "matrix-synapse.labels" . | nindent 4 }}
data:
{{ (.Files.Glob "scripts/*.sh").AsConfig | indent 2 }}

18
charts/matrix-synapse/templates/deployment.yaml
View file

@ -1,4 +1,10 @@
{{- $needsVolumePermissions := and .Values.volumePermissions.enabled (or .Values.persistence.enabled .Values.persistence.existingClaim) }} {{- $needsVolumePermissions := and .Values.volumePermissions.enabled (or .Values.persistence.enabled .Values.persistence.existingClaim) }}
{{- if (and .Values.postgresql.enabled (not .Values.postgresql.postgresqlPassword)) -}}
{{- fail "You must specify a static postgres password if using the included postgres chart" -}}
{{- end -}}
{{- if (and .Values.redis.enabled (and .Values.redis.usePassword (not .Values.redis.password))) -}}
{{- fail "You must specify a static redis password if using the included redis chart" -}}
{{- end -}}
--- ---
# Server: {{ required "A valid serverName is required" .Values.serverName }} # Server: {{ required "A valid serverName is required" .Values.serverName }}
apiVersion: apps/v1 apiVersion: apps/v1
@ -68,9 +74,9 @@ spec:
{{- end }} {{- end }}
{{- end }} {{- end }}
/matrix-synapse $@ exec python -B -m synapse.app.homeserver \
args: -c /synapse/config/homeserver.yaml \
- synapse.app.homeserver -c /synapse/config/conf.d/
env: env:
{{- $postgresPass := include "matrix-synapse.postgresql.password" . }} {{- $postgresPass := include "matrix-synapse.postgresql.password" . }}
{{- if and .Values.postgresql.enabled (not $postgresPass) }} {{- if and .Values.postgresql.enabled (not $postgresPass) }}
@ -116,6 +122,8 @@ spec:
volumeMounts: volumeMounts:
- name: config - name: config
mountPath: /synapse/config mountPath: /synapse/config
- name: scripts
mountPath: /opt/k8s-synapse
- name: tmpconf - name: tmpconf
mountPath: /synapse/config/conf.d mountPath: /synapse/config/conf.d
- name: secrets - name: secrets
@ -133,6 +141,10 @@ spec:
- name: config - name: config
configMap: configMap:
name: {{ include "matrix-synapse.fullname" . }} name: {{ include "matrix-synapse.fullname" . }}
- name: scripts
configMap:
name: {{ include "matrix-synapse.fullname" . }}-scripts
defaultMode: 0755
- name: secrets - name: secrets
secret: secret:
secretName: {{ include "matrix-synapse.fullname" . }} secretName: {{ include "matrix-synapse.fullname" . }}

12
charts/matrix-synapse/templates/ingress.yaml
View file

@ -109,16 +109,20 @@ spec:
{{- end }} {{- end }}
{{- if has . $wkHosts }} {{- if has . $wkHosts }}
{{- if $.Values.wellknown.enabled }}
- path: /.well-known/matrix/client - path: /.well-known/matrix/client
backend: backend:
serviceName: {{ $fullName }} serviceName: {{ $wkName }}
servicePort: 8008 servicePort: 80
{{- if $.Values.wellknown.enabled }}
- path: /.well-known/matrix/server - path: /.well-known/matrix/server
backend: backend:
serviceName: {{ $wkName }} serviceName: {{ $wkName }}
servicePort: 80 servicePort: 80
{{- else }}
- path: /.well-known/matrix/client
backend:
serviceName: {{ $fullName }}
servicePort: 8008
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- end }} {{- end }}

24
charts/matrix-synapse/templates/signing-key-job.yaml
View file

@ -68,18 +68,14 @@ spec:
- sh - sh
- -c - -c
- | - |
echo "Copying key upload script..."
cp /key-upload /scripts/
echo "Generating signing key..." echo "Generating signing key..."
/usr/local/bin/generate_signing_key.py -o /synapse/keys/signing.key generate_signing_key.py -o /synapse/keys/signing.key
image: "{{ .Values.image.repository }}:{{ include "matrix-synapse.imageTag" . }}" image: "{{ .Values.signingkey.job.generateImage.repository }}:{{ default .Values.signingkey.job.generateImage.tag "latest" }}"
imagePullPolicy: {{ .Values.image.pullPolicy }} imagePullPolicy: {{ .Values.signingkey.job.generateImage.pullPolicy }}
name: signing-key-generate name: signing-key-generate
resources: resources:
{{- toYaml .Values.signingkey.resources | nindent 12 }} {{- toYaml .Values.signingkey.resources | nindent 12 }}
volumeMounts: volumeMounts:
- mountPath: /scripts
name: scripts
- mountPath: /synapse/keys - mountPath: /synapse/keys
name: matrix-synapse-keys name: matrix-synapse-keys
- command: - command:
@ -88,13 +84,12 @@ spec:
- | - |
printf "Checking rights to update secret... " printf "Checking rights to update secret... "
kubectl auth can-i update secret/${SECRET_NAME} kubectl auth can-i update secret/${SECRET_NAME}
echo "Waiting for key upload script" /scripts/signing-key.sh
while ! [ -f /scripts/key-upload ]; do sleep 1; done
/scripts/key-upload
env: env:
- name: SECRET_NAME - name: SECRET_NAME
value: {{ $secretName }} value: {{ $secretName }}
image: bitnami/kubectl image: "{{ .Values.signingkey.job.publishImage.repository }}:{{ default .Values.signingkey.job.publishImage.tag "latest" }}"
imagePullPolicy: {{ .Values.signingkey.job.publishImage.pullPolicy }}
name: signing-key-upload name: signing-key-upload
resources: resources:
{{- toYaml .Values.signingkey.resources | nindent 12 }} {{- toYaml .Values.signingkey.resources | nindent 12 }}
@ -109,7 +104,12 @@ spec:
serviceAccount: {{ $name }} serviceAccount: {{ $name }}
volumes: volumes:
- name: scripts - name: scripts
emptyDir: {} configMap:
name: {{ include "matrix-synapse.fullname" . }}-scripts
defaultMode: 0755
- name: matrix-synapse-keys - name: matrix-synapse-keys
emptyDir: {} emptyDir: {}
parallelism: 1
completions: 1
backoffLimit: 1
{{- end }} {{- end }}

13
charts/matrix-synapse/templates/well-known-config.yaml
View file

@ -23,12 +23,11 @@ data:
server.groupname = "lighttpd" server.groupname = "lighttpd"
server.document-root = {{ .Values.wellknown.htdocsPath | quote }} server.document-root = {{ .Values.wellknown.htdocsPath | quote }}
server.pid-file = "/run/lighttpd.pid" server.pid-file = "/run/lighttpd.pid"
server.errorlog = "/dev/stderr"
url.rewrite-once = ( url.rewrite-once = (
"^/\.well-known/matrix/client" => "/client.json",
"^/\.well-known/matrix/server" => "/server.json" "^/\.well-known/matrix/server" => "/server.json"
) )
status.status-url = "/server-status" status.status-url = "/server-status"
accesslog.filename = "/dev/stderr"
extforward.forwarder = ( "all" => "trust") extforward.forwarder = ( "all" => "trust")
setenv.add-response-header = ( setenv.add-response-header = (
"access-control-allow-headers" => "Origin, X-Requested-With, Content-Type, Accept, Authorization", "access-control-allow-headers" => "Origin, X-Requested-With, Content-Type, Accept, Authorization",
@ -39,5 +38,15 @@ data:
"content-type" => "application/json" "content-type" => "application/json"
) )
server.json: |- server.json: |-
{{- if .Values.wellknown.server }}
{{ toJson .Values.wellknown.server | nindent 4 }}
{{- else }}
{{ dict "m.server" (printf "%s:%d" (.Values.wellknown.host | default (.Values.publicServerName | default .Values.serverName)) (.Values.wellknown.port | default 443)) | toJson | indent 4 }} {{ dict "m.server" (printf "%s:%d" (.Values.wellknown.host | default (.Values.publicServerName | default .Values.serverName)) (.Values.wellknown.port | default 443)) | toJson | indent 4 }}
{{- end }} {{- end }}
client.json: |-
{{- if .Values.wellknown.client }}
{{ toJson .Values.wellknown.client | nindent 4 }}
{{- else }}
{{ dict "m.homeserver" (dict "base_url" (printf "https://%s/" (.Values.publicServerName | default .Values.serverName))) | toJson | indent 4 }}
{{- end }}
{{- end -}}

3
charts/matrix-synapse/templates/well-known.yaml
View file

@ -64,6 +64,9 @@ spec:
- mountPath: /etc/lighttpd/lighttpd.conf - mountPath: /etc/lighttpd/lighttpd.conf
name: files name: files
subPath: lighttpd.conf subPath: lighttpd.conf
- mountPath: {{ .Values.wellknown.htdocsPath }}/client.json
name: files
subPath: client.json
- mountPath: {{ .Values.wellknown.htdocsPath }}/server.json - mountPath: {{ .Values.wellknown.htdocsPath }}/server.json
name: files name: files
subPath: server.json subPath: server.json

16
charts/matrix-synapse/templates/worker-configuration.yaml
View file

@ -21,7 +21,13 @@ data:
{{- $name := $worker | replace "_" "-" }} {{- $name := $worker | replace "_" "-" }}
{{ $name }}.worker: | {{ $name }}.worker: |
worker_app: "synapse.app.{{ $worker }}" worker_app: "synapse.app.{{ (not (not $config.generic)) | ternary "generic_worker" $worker }}"
{{- if $config.name -}}
{{- if (ne $config.replicaCount 1) -}}
{{- fail "Replica count must be 1 if a worker has a unique name." -}}
{{- end }}
worker_name: {{ $config.name }}
{{- end }}
worker_main_http_uri: http://{{ include "matrix-synapse.fullname" $ }}:8008 worker_main_http_uri: http://{{ include "matrix-synapse.fullname" $ }}:8008
worker_replication_host: {{ include "matrix-synapse.replicationname" $ | quote }} worker_replication_host: {{ include "matrix-synapse.replicationname" $ | quote }}
@ -45,11 +51,17 @@ data:
x_forwarded: true x_forwarded: true
resources: resources:
- names: {{- toYaml $config.listeners | nindent 14 }} - names:
{{- toYaml $config.listeners | nindent 14 }}
compress: false compress: false
{{- end }} {{- end }}
worker_log_config: /synapse/config/log.yaml worker_log_config: /synapse/config/log.yaml
{{- if $config.extraConfig }}
# Extra config
{{ toYaml $config.extraConfig | nindent 4 }}
{{- end }}
{{- end }} {{- end }}
{{- end }} {{- end }}
{{- end }} {{- end }}

10
charts/matrix-synapse/templates/worker-deployment.yaml
View file

@ -20,7 +20,8 @@ spec:
template: template:
metadata: metadata:
annotations: annotations:
checksum/config: {{ include (print $.Template.BasePath "/worker-configuration.yaml") $ | sha256sum }} checksum/config: {{ include (print $.Template.BasePath "/configuration.yaml") $ | sha256sum }}
checksum/worker-config: {{ include (print $.Template.BasePath "/worker-configuration.yaml") $ | sha256sum }}
checksum/secrets: {{ include (print $.Template.BasePath "/secrets.yaml") $ | sha256sum }} checksum/secrets: {{ include (print $.Template.BasePath "/secrets.yaml") $ | sha256sum }}
{{- with ($config.annotations | default $default.annotations) }} {{- with ($config.annotations | default $default.annotations) }}
{{ . | toYaml | nindent 8 }} {{ . | toYaml | nindent 8 }}
@ -62,7 +63,10 @@ spec:
-e "s/@@REDIS_PASSWORD@@/${REDIS_PASSWORD:-}/" \ -e "s/@@REDIS_PASSWORD@@/${REDIS_PASSWORD:-}/" \
> /synapse/config/conf.d/secrets.yaml > /synapse/config/conf.d/secrets.yaml
/matrix-synapse synapse.app.{{ $worker }} -c /synapse/config/{{ $name }}.worker exec python -B -m synapse.app.{{ (not (not $config.generic)) | ternary "generic_worker" $worker }} \
-c /synapse/config/homeserver.yaml \
-c /synapse/config/conf.d/ \
-c /synapse/config/{{ $name }}.worker
env: env:
{{- if $.Values.postgresql.enabled }} {{- if $.Values.postgresql.enabled }}
- name: POSTGRES_PASSWORD - name: POSTGRES_PASSWORD
@ -83,7 +87,7 @@ spec:
{{- end }} {{- end }}
securityContext: securityContext:
{{- $config.securityContext | default $default.securityContext | toYaml | nindent 12 }} {{- $config.securityContext | default $default.securityContext | toYaml | nindent 12 }}
image: "{{ $.Values.image.repository }}:{{ $.Chart.AppVersion }}" image: "{{ $.Values.image.repository }}:{{ include "matrix-synapse.imageTag" $ }}"
imagePullPolicy: {{ $.Values.image.pullPolicy }} imagePullPolicy: {{ $.Values.image.pullPolicy }}
ports: ports:
- name: metrics - name: metrics

85
charts/matrix-synapse/values.yaml
View file

@ -2,7 +2,7 @@
## Docker image configuration, used for Synapse and workers. ## Docker image configuration, used for Synapse and workers.
## ##
image: image:
repository: ananace/matrix-synapse repository: matrixdotorg/synapse
## Tag to override with, will default to the application version. ## Tag to override with, will default to the application version.
## ##
# tag: '' # tag: ''
@ -31,6 +31,16 @@ signingkey:
job: job:
enabled: true enabled: true
generateImage:
repository: matrixdotorg/synapse
#tag: latest
pullPolicy: IfNotPresent
publishImage:
repository: bitnami/kubectl
# tag: latest
pullPolicy: IfNotPresent
## Specify an existing signing key secret, will need to be created in advance. ## Specify an existing signing key secret, will need to be created in advance.
## ##
# existingSecret: # existingSecret:
@ -149,14 +159,14 @@ synapse:
## Additional environment variables to apply to the main Synapse pod ## Additional environment variables to apply to the main Synapse pod
## ##
extraEnv: {} extraEnv: {}
# - name: USE_JEMALLOC # - name: LD_PRELOAD
# value: "1" # value: /usr/lib/x86_64-linux-gnu/libjemalloc.so.2
# - name: SYNAPSE_CACHE_FACTOR # - name: SYNAPSE_CACHE_FACTOR
# value: "2" # value: "2"
## Additional volumes to mount into Synapse ## Additional volumes to mount into Synapse
## ##
extraVolumes: {} extraVolumes: []
# - name: spamcheck # - name: spamcheck
# flexVolume: # flexVolume:
# driver: ananace/git-live # driver: ananace/git-live
@ -164,7 +174,7 @@ synapse:
# repo: https://github.com/company/synapse-module # repo: https://github.com/company/synapse-module
# interval: 1d # interval: 1d
# readOnly: true # readOnly: true
extraVolumeMounts: {} extraVolumeMounts: []
# - name: spamcheck # - name: spamcheck
# mountPath: /usr/local/lib/python3.7/site-packages/company # mountPath: /usr/local/lib/python3.7/site-packages/company
@ -236,6 +246,13 @@ workers:
## ##
replicaCount: 1 replicaCount: 1
## A specific name for this worker, can't be set globally.
## Note that this can only be set when replicaCount is 1
#name:
## Additional configuration to set for the worker, can't be set globally.
#extraConfig: {}
## Annotations to apply to the worker. ## Annotations to apply to the worker.
## ##
annotations: {} annotations: {}
@ -246,16 +263,16 @@ workers:
## Additional environment variables to add to the worker. ## Additional environment variables to add to the worker.
## ##
extraEnv: {} extraEnv: {}
# - name: USE_JEMALLOC # - name: LD_PRELOAD
# value: "1" # value: /usr/lib/x86_64-linux-gnu/libjemalloc.so.2
# - name: SYNAPSE_CACHE_FACTOR # - name: SYNAPSE_CACHE_FACTOR
# value: "1.0" # value: "1.0"
## Additional volumes to add to the worker. ## Additional volumes to add to the worker.
## Useful for the media repo, or for adding Python modules. ## Useful for the media repo, or for adding Python modules.
## ##
volumes: {} volumes: []
volumeMounts: {} volumeMounts: []
## Security context information to set to the worker. ## Security context information to set to the worker.
## ##
@ -303,6 +320,7 @@ workers:
## ##
generic_worker: generic_worker:
enabled: false enabled: false
generic: true
listeners: [client, federation] listeners: [client, federation]
csPaths: csPaths:
# - "/_matrix/client/(v2_alpha|r0)/sync" # - "/_matrix/client/(v2_alpha|r0)/sync"
@ -350,9 +368,34 @@ workers:
- "/_matrix/federation/v1/event_auth/" - "/_matrix/federation/v1/event_auth/"
- "/_matrix/federation/v1/exchange_third_party_invite/" - "/_matrix/federation/v1/exchange_third_party_invite/"
- "/_matrix/federation/v1/user/devices/" - "/_matrix/federation/v1/user/devices/"
- "/_matrix/federation/v1/send/"
- "/_matrix/federation/v1/get_groups_publicised" - "/_matrix/federation/v1/get_groups_publicised"
- "/_matrix/key/v2/query" - "/_matrix/key/v2/query"
- "/_matrix/federation/v1/send/"
## To separate the generic worker into specific concerns - for example federation transaction receiving;
## NB; This worker should have incoming traffic routed based on source IP, which is
## left as an exercise to the reader.
## https://github.com/matrix-org/synapse/blob/develop/docs/workers.md#load-balancing
#federation_reader:
# enabled: true
# generic: true
# listeners: [federation]
# paths:
# - "/_matrix/federation/v1/send/"
## Or /sync handling.
## NB; Care should be taken to route users to the same instance when scaling this worker,
## this is left as an exercise to the reader.
## https://github.com/matrix-org/synapse/blob/develop/docs/workers.md#load-balancing
#synchrotron:
# enabled: true
# generic: true
# listeners: [client]
# csPaths:
# - "/_matrix/client/(v2_alpha|r0)/sync"
# - "/_matrix/client/(api/v1|v2_alpha|r0)/events"
# - "/_matrix/client/(api/v1|r0)/initialSync"
# - "/_matrix/client/(api/v1|r0)/rooms/[^/]+/initialSync"
## This worker deals with pushing notifications. ## This worker deals with pushing notifications.
## NB; Only one instance of this worker can be run at a time, refer to the ## NB; Only one instance of this worker can be run at a time, refer to the
@ -418,8 +461,14 @@ wellknown:
## The host and port combo to serve on .well-known/matrix/server. ## The host and port combo to serve on .well-known/matrix/server.
## ##
# host: matrix.example.com server: {}
# port: 443 # m.server: matrix.example.com:443
## Data to serve on .well-known/matrix/client.
##
client: {}
# m.homeserver:
# base_url: https://matrix.example.com
## A custom htdocs path, useful when running another image. ## A custom htdocs path, useful when running another image.
## ##
@ -485,13 +534,17 @@ wellknown:
postgresql: postgresql:
enabled: true enabled: true
# XXX Change me!
postgresqlPassword: synapse
postgresqlUsername: synapse postgresqlUsername: synapse
postgresqlDatabase: synapse postgresqlDatabase: synapse
postgresqlInitdbArgs: "--lc-collate=C --lc-ctype=C" postgresqlInitdbArgs: "--lc-collate=C --lc-ctype=C"
persistence: persistence:
size: 16G # storageClass: "-"
size: 16Gi
## An externally configured Postgres server to use for Synapse's database, note ## An externally configured Postgres server to use for Synapse's database, note
## that the database needs to have both COLLATE and CTYPE set to "C". ## that the database needs to have both COLLATE and CTYPE set to "C".
@ -511,8 +564,10 @@ externalPostgresql:
redis: redis:
enabled: true enabled: true
# usePassword: false # XXX Change me!
# password: synapse usePassword: true
password: synapse
cluster: cluster:
enabled: false enabled: false
master: master:

4
charts/netbox/Chart.yaml
View file

@ -1,6 +1,6 @@
--- ---
apiVersion: v1 apiVersion: v1
appVersion: 2.10.5 appVersion: 2.10.6
description: | description: |
An IP address management (IPAM) and data center infrastructure management (DCIM) tool. An IP address management (IPAM) and data center infrastructure management (DCIM) tool.
@ -8,4 +8,4 @@ description: |
https://github.com/netbox-community/netbox-docker/releases/tag/1.0.0 for more info. https://github.com/netbox-community/netbox-docker/releases/tag/1.0.0 for more info.
icon: https://raw.githubusercontent.com/digitalocean/netbox/develop/netbox/project-static/img/netbox.ico icon: https://raw.githubusercontent.com/digitalocean/netbox/develop/netbox/project-static/img/netbox.ico
name: netbox name: netbox
version: 3.0.2 version: 3.0.3

BIN
charts/netbox/charts/postgresql-8.9.4.tgz
View file

Binary file not shown.

BIN
charts/netbox/charts/redis-10.6.12.tgz
View file

Binary file not shown.