87 lines
2.5 KiB
YAML
87 lines
2.5 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ include "matrix-synapse.fullname" . }}
|
|
labels:
|
|
{{- include "matrix-synapse.labels" . | nindent 4 }}
|
|
stringData:
|
|
config.yaml: |
|
|
{{- if .Values.config.recaptcha }}
|
|
## Captcha ##
|
|
|
|
recaptcha_private_key: {{ .Values.config.recaptcha.privateKey | quote }}
|
|
{{- end }}
|
|
{{- if .Values.config.turnSecret }}
|
|
|
|
## Turn ##
|
|
|
|
turn_shared_secret: {{ .Values.config.turnSecret | quote }}
|
|
|
|
{{- end }}
|
|
## Registration ##
|
|
|
|
registration_shared_secret: {{ .Values.config.registrationSharedSecret | default (randAlphaNum 24) | quote }}
|
|
|
|
## API Configuration ##
|
|
|
|
{{- if .Values.config.macaroonSecretKey }}
|
|
|
|
macaroon_secret_key: {{ .Values.config.macaroonSecretKey | quote }}
|
|
{{- end }}
|
|
|
|
{{- $postgresHost := include "matrix-synapse.postgresql.host" . }}
|
|
{{- $postgresDB := include "matrix-synapse.postgresql.database" . }}
|
|
{{- $postgresUser := include "matrix-synapse.postgresql.username" . }}
|
|
{{- $postgresPort := include "matrix-synapse.postgresql.port" . }}
|
|
{{- $postgresPass := include "matrix-synapse.postgresql.password" . }}
|
|
|
|
## Database configuration ##
|
|
|
|
database:
|
|
name: "psycopg2"
|
|
args:
|
|
user: {{ $postgresUser | quote }}
|
|
{{- if $postgresPass }}
|
|
password: {{ $postgresPass | quote }}
|
|
{{- else }}
|
|
password: "@@POSTGRES_PASSWORD@@"
|
|
{{- end }}
|
|
database: {{ $postgresDB | quote }}
|
|
host: {{ $postgresHost | quote }}
|
|
port: {{ $postgresPort }}
|
|
cp_min: 5
|
|
cp_max: 10
|
|
|
|
{{- $redisHost := include "matrix-synapse.redis.host" . }}
|
|
{{- $redisPort := include "matrix-synapse.redis.port" . }}
|
|
{{- $redisPass := include "matrix-synapse.redis.password" . }}
|
|
|
|
## Redis configuration ##
|
|
|
|
redis:
|
|
enabled: true
|
|
host: {{ $redisHost | quote }}
|
|
{{- if or .Values.redis.password .Values.externalRedis.password }}
|
|
{{- if $redisPass }}
|
|
password: {{ $redisPass | quote }}
|
|
{{- else }}
|
|
password: "@@REDIS_PASSWORD@@"
|
|
{{- end }}
|
|
{{- end }}
|
|
|
|
{{- if and .Values.signingkey.job.enabled (not .Values.signingkey.existingSecret) }}
|
|
{{- $name := include "matrix-synapse.workername" (dict "global" . "worker" "signingkey") }}
|
|
{{- if not (lookup "v1" "Secret" .Release.Namespace $name) }}
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
annotations:
|
|
helm.sh/resource-policy: keep
|
|
name: {{ $name }}
|
|
labels:
|
|
{{- include "matrix-synapse.labels" . | nindent 4 }}
|
|
app.kubernetes.io/component: signingkey-job
|
|
{{- end }}
|
|
{{- end }}
|