Add synapse

Grant 2025-02-02 15:56:47 -07:00
parent cc56f13a9b
commit 885e376e06
3 changed files with 90 additions and 9 deletions


@ -10,9 +10,9 @@ Like the cloud but local.
### Add node to talos cluster ### Add node to talos cluster
```sh ```sh
talosctl apply-config --insecure -n 192.168.1.38 --file worker.yaml talosctl apply-config [--insecure] -n 192.168.1.38 --file worker.yaml
talosctl apply-config --insecure -n 192.168.1.39 --file worker.yaml talosctl apply-config [--insecure] -n 192.168.1.39 --file worker.yaml
talosctl apply-config --insecure -n 192.168.1.43 --file controlplane.yaml talosctl apply-config [--insecure] -n 192.168.1.43 --file controlplane.yaml
``` ```
### Update context ### Update context
```sh ```sh
@ -97,7 +97,14 @@ helm repo add ananace-charts https://ananace.gitlab.io/charts
kubectl create ns goatchat kubectl create ns goatchat
kubectl create secret generic goatchatca-signingkey --from-literal=signing.key=$GOATCHAT_SYNAPSE_SIGNING_KEY kubectl create secret generic goatchatca-signingkey --from-literal=signing.key=$GOATCHAT_SYNAPSE_SIGNING_KEY
helm upgrade --create-namespace --namespace goatchat goatchat ananace-charts/matrix-synapse --values synapse/values.yaml --install helm upgrade --create-namespace \
--namespace goatchat \
goatchat ananace-charts/matrix-synapse \
--set config.macaroonSecretKey=$GOATCHAT_SYNAPSE_MACAROON_SECRET_KEY \
--set config.registrationSharedSecret=$GOATCHAT_REGISTRATION_SHARED_SECRET \
--set extraConfig.email.smtp_pass=$GOATCHAT_SMTP_PASSWORD \
--values synapse/values.yaml \
--install
``` ```
### Install Matrix Registration ### Install Matrix Registration


@ -1,5 +0,0 @@
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
mode: "ipvs"
ipvs:
strictARP: true

79
synapse/values.yaml Normal file

@ -0,0 +1,79 @@
image:
tag: v1.123.0
serverName: 'goatchat.ca'
publicServerName: 'goatchat.ca'
wellknown:
enabled: true
signingkey:
job:
enabled: false
existingSecret: goatchatca-signingkey
existingSecretKey: signing.key
synapse:
strategy:
type: Recreate
config:
macaroonSecretKey: # set through cli args
registrationSharedSecret: # set through cli args
extraConfig:
url_preview_enabled: true
url_preview_ip_range_blacklist:
- '127.0.0.0/8'
- '10.0.0.0/8'
- '172.16.0.0/12'
- '192.168.0.0/16'
- '100.64.0.0/10'
- '169.254.0.0/16'
- '::1/128'
- 'fe80::/64'
- 'fc00::/7'
max_upload_size: 100M
email:
enable_notifs: true
smtp_host: "smtp.sendgrid.net"
smtp_port: 587
smtp_user: "apikey"
smtp_pass: # set through cli args
require_transport_security: true
notif_from: "Your Friendly %(app)s homeserver <noreply@goatchat.ca>"
app_name: Goatchat
validation_token_lifetime: 1h
user_directory:
enabled: false
search_all_users: true
prefer_local_users: true
server_notices:
system_mxid_localpart: notices
system_mxid_display_name: "Screaming Goat"
system_mxid_avatar_url: ""
room_name: "Goatchat Notices"
room_avatar_url: ""
room_topic: "Room used by your server admin to notify you of important information"
auto_join: true
ingress:
traefikPaths: true
annotations:
"traefik.ingress.kubernetes.io/router.tls.certresolver": "letsencrypt"
persistence:
size: 30Gi
postgresql:
enabled: false
externalPostgresql:
host: postgres-primary.datastore.svc
existingSecret: postgres-pguser-synapse
existingSecretPasswordKey: password
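Review bot: `smtp_pass` is placed under `extraConfig.email`, and the chart's `extraConfig` is, as far as I can tell, rendered into a ConfigMap rather than a Secret, so the credential passed with `--set extraConfig.email.smtp_pass=...` would be readable by anyone who can read ConfigMaps in the namespace; confirm how the chart renders it, and if so move the `email.smtp_pass` entry to a Secret-backed value (the chart's `extraSecrets`, if this version provides it). In `url_preview_ip_range_blacklist`, `- 'fe80::/64'` covers only part of the reserved IPv6 link-local block; `- 'fe80::/10'` matches the full range, and with `url_preview_enabled: true` it is worth comparing the list against the example in the Synapse configuration manual, which carries further reserved ranges. The bare `macaroonSecretKey:` and `registrationSharedSecret:` keys parse as null, so an install that omits the `--set` flags depends on whatever the chart does with an empty value; a short comment naming the expected environment variables would make that explicit. Indentation is not preserved on this page, so the nesting above is inferred from key order.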