forked from hswaw/hscloud
app/matrix: synapse upgrade
Change-Id: Ice5f70be190126da5eecfc1d5ec5c1f746679ec9master
parent
5b1aa134fe
commit
8ebfc1d338
|
@ -29,6 +29,7 @@ database:
|
|||
name: "psycopg2"
|
||||
args:
|
||||
user: "synapse"
|
||||
password: "{{ POSTGRES_PASSWORD }}"
|
||||
database: "synapse"
|
||||
host: "postgres"
|
||||
port: "5432"
|
||||
|
@ -83,6 +84,7 @@ max_spider_size: "10M"
|
|||
## Registration ##
|
||||
|
||||
enable_registration: False
|
||||
registration_shared_secret: "{{ SYNAPSE_REGISTRATION_SHARED_SECRET }}"
|
||||
bcrypt_rounds: 12
|
||||
allow_guest_access: True
|
||||
enable_group_creation: true
|
||||
|
@ -111,7 +113,15 @@ room_invite_state_types:
|
|||
- "m.room.name"
|
||||
|
||||
|
||||
app_service_config_files: ["/appservices/irc-freenode/registration.yaml"]
|
||||
{% if SYNAPSE_APPSERVICES %}
|
||||
app_service_config_files:
|
||||
{% for appservice in SYNAPSE_APPSERVICES %} - "{{ appservice }}"
|
||||
{% endfor %}
|
||||
{% else %}
|
||||
app_service_config_files: []
|
||||
{% endif %}
|
||||
|
||||
macaroon_secret_key: "{{ SYNAPSE_MACAROON_SECRET_KEY }}"
|
||||
expire_access_token: False
|
||||
|
||||
## Signing Keys ##
|
||||
|
|
|
@ -16,7 +16,7 @@ local postgres = import "../../kube/postgres.libsonnet";
|
|||
serverName: "hackerspace.pl",
|
||||
storageClassName: "waw-hdd-paranoid-2",
|
||||
|
||||
synapseImage: "informatic/synapse:v1.2.1-env-conf-rev2", // https://github.com/Informatic/synapse/tree/env_config (to be upstreamed...)
|
||||
synapseImage: "matrixdotorg/synapse:v1.11.1",
|
||||
riotImage: "bubuntux/riot-web:v1.3.2",
|
||||
casProxyImage: "registry.k0.hswaw.net/q3k/oauth2-cas-proxy:0.1.4"
|
||||
},
|
||||
|
@ -102,7 +102,7 @@ local postgres = import "../../kube/postgres.libsonnet";
|
|||
spec+: {
|
||||
volumes_: {
|
||||
data: kube.PersistentVolumeClaimVolume(app.dataVolume),
|
||||
config: kube.ConfigMapVolume(app.synapseConfig),
|
||||
config_template: kube.ConfigMapVolume(app.synapseConfig),
|
||||
} + {
|
||||
[k]: { secret: { secretName: "appservice-%s-registration" % [k] } }
|
||||
for k in std.objectFields(app.appservices)
|
||||
|
@ -110,20 +110,28 @@ local postgres = import "../../kube/postgres.libsonnet";
|
|||
containers_: {
|
||||
web: kube.Container("synapse") {
|
||||
image: cfg.synapseImage,
|
||||
command: ["/bin/sh", "-c", "/start.py migrate_config && exec /start.py"],
|
||||
ports_: {
|
||||
http: { containerPort: 8008 },
|
||||
},
|
||||
env_: {
|
||||
SYNAPSE_CONFIG_DIR: "/config",
|
||||
SYNAPSE_CONFIG_PATH: "/config/homeserver.yaml",
|
||||
|
||||
SYNAPSE_macaroon_secret_key: { secretKeyRef: { name: "synapse", key: "macaroon_secret_key" } },
|
||||
SYNAPSE_registration_shared_secret: { secretKeyRef: { name: "synapse", key: "registration_shared_secret" } },
|
||||
SYNAPSE_database__args__password: { secretKeyRef: { name: "synapse", key: "postgres_password" } },
|
||||
# These values are not used in a template, but
|
||||
# are required by /start.py migrate_config
|
||||
SYNAPSE_SERVER_NAME: "hackerspace.pl",
|
||||
SYNAPSE_REPORT_STATS: "no",
|
||||
|
||||
SYNAPSE_MACAROON_SECRET_KEY: { secretKeyRef: { name: "synapse", key: "macaroon_secret_key" } },
|
||||
SYNAPSE_REGISTRATION_SHARED_SECRET: { secretKeyRef: { name: "synapse", key: "registration_shared_secret" } },
|
||||
POSTGRES_PASSWORD: { secretKeyRef: { name: "synapse", key: "postgres_password" } },
|
||||
},
|
||||
volumeMounts_: {
|
||||
data: { mountPath: "/data" },
|
||||
config: {
|
||||
mountPath: "/config",
|
||||
config_template: {
|
||||
mountPath: "/conf/homeserver.yaml",
|
||||
subPath: "homeserver.yaml",
|
||||
},
|
||||
} + {
|
||||
[k]: { mountPath: "/appservices/%s" % [k] }
|
||||
|
|
Loading…
Reference in New Issue