{{ if (gt (len (.Files.Glob "appservices/*")) 0) }}
---
apiVersion: v1
kind: Secret
metadata:
  name: {{ include "dendrite.fullname" . }}-appservices-conf
  namespace: {{ .Release.Namespace }}
type: Opaque
data:
{{ (.Files.Glob "appservices/*").AsSecrets | indent 2 }}
{{ end }}
{{ if and .Values.signing_key.create (not .Values.signing_key.existingSecret) }}
---
apiVersion: v1
kind: Secret
metadata:
  annotations:
    helm.sh/resource-policy: keep
  name: {{ include "dendrite.fullname" . }}-signing-key
  namespace: {{ .Release.Namespace }}
type: Opaque
{{ end }}

{{- $connectionString := print "postgresql://" .Values.dendrite_config.global.database.user ":" .Values.dendrite_config.global.database.password "@" .Values.dendrite_config.global.database.host }}
{{- if .Values.postgresql.enabled }}
{{- $connectionString = print "postgresql://" .Values.postgresql.auth.username ":" .Values.postgresql.auth.password "@" .Release.Name "-postgresql/dendrite" -}}
{{ end }}
---
apiVersion: v1
kind: Secret
type: Opaque
metadata:
  name: {{ include "dendrite.fullname" . }}-conf
  namespace: {{ .Release.Namespace }}
stringData:
  dendrite.yaml: |
    version: 2
    global:
      server_name: {{ .Values.dendrite_config.global.server_name }}
      private_key: /etc/dendrite/secrets/signing.key
      key_id: ed25519:auto
      key_validity_period: {{ .Values.dendrite_config.global.key_validity_period | quote }}
      database:
        connection_string: {{ $connectionString }}?sslmode=disable
        max_open_conns: {{ .Values.dendrite_config.global.database.max_open_conns }}
        max_idle_conns: {{ .Values.dendrite_config.global.database.max_idle_conns }}
        conn_max_lifetime: {{ .Values.dendrite_config.global.database.conn_max_lifetime }}
      cache:
        max_size_estimated: {{ .Values.dendrite_config.global.cache.max_size_estimated | quote }}
        max_age: {{ .Values.dendrite_config.global.cache.max_age }}
      well_known_server_name: {{ .Values.dendrite_config.global.well_known_server_name | quote }}
      well_known_client_name: {{ .Values.dendrite_config.global.well_known_client_name | quote }}
      trusted_third_party_id_servers:
      {{- toYaml .Values.dendrite_config.global.trusted_third_party_id_servers | nindent 8 }}
      disable_federation: {{ .Values.dendrite_config.global.disable_federation }}
      report_stats:
        {{- toYaml .Values.dendrite_config.global.report_stats | nindent 8 }}
      presence:
        {{- toYaml .Values.dendrite_config.global.presence | nindent 8 }}
      server_notices:
        {{- toYaml .Values.dendrite_config.global.server_notices | nindent 8 }}
      jetstream:
        in_memory: false
        storage_path: /data/jetstream
      metrics:
        {{- toYaml .Values.dendrite_config.global.metrics | nindent 8 }}
      dns_cache:
        {{- toYaml .Values.dendrite_config.global.dns_cache | nindent 8 }}
    mscs:
      mscs:
        {{- toYaml .Values.dendrite_config.mscs.mscs | nindent 8 }}
    app_service_api:
      disable_tls_validation: {{ .Values.dendrite_config.app_service_api.disable_tls_validation }} 
      config_files:
        {{- range $x, $y := .Files.Glob "appservices/*" }}
          - /etc/dendrite/appservices/{{ base $x }}
        {{ end }}
    client_api:
      {{- toYaml .Values.dendrite_config.clientapi | nindent 6 }}
    federation_api:
      {{- toYaml .Values.dendrite_config.federation_api | nindent 6 }}
    media_api:
      base_path: /data/media_store
      max_file_size_bytes: {{ int .Values.dendrite_config.mediaapi.max_file_size_bytes }}
      dynamic_thumbnails: {{ .Values.dendrite_config.mediaapi.dynamic_thumbnails }}
      max_thumbnail_generators: {{ .Values.dendrite_config.mediaapi.max_thumbnail_generators }}
      thumbnail_sizes:
        {{- toYaml .Values.dendrite_config.mediaapi.thumbnail_sizes | nindent 8 }}
    sync_api:
      {{- toYaml .Values.dendrite_config.sync_api | nindent 6 }}
    logging:
      {{- toYaml .Values.dendrite_config.logging | nindent 6 }}