From 885e376e0640f921786a0806e7ca2eebb428448e Mon Sep 17 00:00:00 2001 From: Grant <5445379+grantdhunter@users.noreply.github.com> Date: Sun, 2 Feb 2025 15:56:47 -0700 Subject: [PATCH] Add synapse --- README.md | 15 +++++--- metallb/kubeproxy.yaml | 5 --- synapse/values.yaml | 79 ++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 90 insertions(+), 9 deletions(-) delete mode 100644 metallb/kubeproxy.yaml create mode 100644 synapse/values.yaml diff --git a/README.md b/README.md index b56e371..3c75a60 100644 --- a/README.md +++ b/README.md @@ -10,9 +10,9 @@ Like the cloud but local. ### Add node to talos cluster ```sh -talosctl apply-config --insecure -n 192.168.1.38 --file worker.yaml -talosctl apply-config --insecure -n 192.168.1.39 --file worker.yaml -talosctl apply-config --insecure -n 192.168.1.43 --file controlplane.yaml +talosctl apply-config [--insecure] -n 192.168.1.38 --file worker.yaml +talosctl apply-config [--insecure] -n 192.168.1.39 --file worker.yaml +talosctl apply-config [--insecure] -n 192.168.1.43 --file controlplane.yaml ``` ### Update context ```sh @@ -97,7 +97,14 @@ helm repo add ananace-charts https://ananace.gitlab.io/charts kubectl create ns goatchat kubectl create secret generic goatchatca-signingkey --from-literal=signing.key=$GOATCHAT_SYNAPSE_SIGNING_KEY -helm upgrade --create-namespace --namespace goatchat goatchat ananace-charts/matrix-synapse --values synapse/values.yaml --install +helm upgrade --create-namespace \ + --namespace goatchat \ + goatchat ananace-charts/matrix-synapse \ + --set config.macaroonSecretKey=$GOATCHAT_SYNAPSE_MACAROON_SECRET_KEY \ + --set config.registrationSharedSecret=$GOATCHAT_REGISTRATION_SHARED_SECRET \ + --set extraConfig.email.smtp_pass=$GOATCHAT_SMTP_PASSWORD \ + --values synapse/values.yaml \ + --install ``` ### Install Matrix Registration diff --git a/metallb/kubeproxy.yaml b/metallb/kubeproxy.yaml deleted file mode 100644 index e87d364..0000000 --- a/metallb/kubeproxy.yaml +++ /dev/null 
@@ -1,5 +0,0 @@
-apiVersion: kubeproxy.config.k8s.io/v1alpha1
-kind: KubeProxyConfiguration
-mode: "ipvs"
-ipvs:
- strictARP: true
diff --git a/synapse/values.yaml b/synapse/values.yaml
new file mode 100644
index 0000000..42bda2f
--- /dev/null
+++ b/synapse/values.yaml
@@ -0,0 +1,79 @@
+image:
+ tag: v1.123.0
+
+serverName: 'goatchat.ca'
+publicServerName: 'goatchat.ca'
+
+wellknown:
+ enabled: true
+
+signingkey:
+ job:
+ enabled: false
+ existingSecret: goatchatca-signingkey
+ existingSecretKey: signing.key
+
+synapse:
+ strategy:
+ type: Recreate
+config:
+ macaroonSecretKey: # set through cli args
+ registrationSharedSecret: # set through cli args
+
+extraConfig:
+ url_preview_enabled: true
+ url_preview_ip_range_blacklist:
+ - '127.0.0.0/8'
+ - '10.0.0.0/8'
+ - '172.16.0.0/12'
+ - '192.168.0.0/16'
+ - '100.64.0.0/10'
+ - '169.254.0.0/16'
+ - '::1/128'
+ - 'fe80::/64'
+ - 'fc00::/7'
+
+ max_upload_size: 100M
+
+ email:
+ enable_notifs: true
+ smtp_host: "smtp.sendgrid.net"
+ smtp_port: 587
+ smtp_user: "apikey"
+ smtp_pass: # set through cli args
+ require_transport_security: true
+ notif_from: "Your Friendly %(app)s homeserver "
+ app_name: Goatchat
+ validation_token_lifetime: 1h
+
+
+ user_directory:
+ enabled: false
+ search_all_users: true
+ prefer_local_users: true
+
+ server_notices:
+ system_mxid_localpart: notices
+ system_mxid_display_name: "Screaming Goat"
+ system_mxid_avatar_url: ""
+ room_name: "Goatchat Notices"
+ room_avatar_url: ""
+ room_topic: "Room used by your server admin to notify you of important information"
+ auto_join: true
+
+
+ingress:
+ traefikPaths: true
+ annotations:
+ "traefik.ingress.kubernetes.io/router.tls.certresolver": "letsencrypt"
+
+
+persistence:
+ size: 30Gi
+
+postgresql:
+ enabled: false
+externalPostgresql:
+ host: postgres-primary.datastore.svc
+ existingSecret: postgres-pguser-synapse
+ existingSecretPasswordKey: password
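Review bot: `smtp_pass` sits under `extraConfig.email`, and as far as I recall the ananace matrix-synapse chart renders `extraConfig` into a ConfigMap while offering a separate `extraSecrets` value that is stored in a Secret, so the SendGrid API key would likely be readable by anything allowed to read ConfigMaps in the namespace. Please confirm against the chart templates and, if that holds, move the `email` block under `extraSecrets` and update the README's `--set extraConfig.email.smtp_pass=` path to match. Separately, with `url_preview_enabled: true` the preview fetcher is an SSRF surface, and `url_preview_ip_range_blacklist` is narrower than it should be: `- 'fe80::/64'` covers only part of the IPv6 link-local block and should be `- 'fe80::/10'`. Ranges such as `'192.0.0.0/24'`, `'198.18.0.0/15'` and `'ff00::/8'` from Synapse's documented list are also absent.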