{{ if (gt (len (.Files.Glob "appservices/*")) 0) }}
---
apiVersion: v1
kind: Secret
metadata:
  name: {{ .Release.Name }}-appservices-conf
  namespace: {{ .Release.Namespace }}
type: Opaque
data:
{{ (.Files.Glob "appservices/*").AsSecrets | indent 2 }}
{{ end }}
{{ if and .Values.signing_key.create (not .Values.signing_key.existingSecret) }}
---
apiVersion: v1
kind: Secret
metadata:
  annotations:
    helm.sh/resource-policy: keep
  name: {{ .Release.Name }}-signing-key
  namespace: {{ .Release.Namespace }}
type: Opaque
{{ end }}

{{- $connectionString := print "postgresql://" .Values.global.database.user ":" .Values.global.database.password "@" .Values.global.database.host }}
{{- if .Values.postgresql.enabled }}
{{- $connectionString = print "postgresql://" .Values.postgresql.auth.username ":" .Values.postgresql.auth.password "@" .Release.Name "-postgresql/dendrite" -}}
{{ end }}
---
apiVersion: v1
kind: Secret
type: Opaque
metadata:
  name: {{ .Release.Name }}-conf
  namespace: {{ .Release.Namespace }}
stringData:
  dendrite.yaml: |
    version: 2
    global:
      server_name: {{ .Values.global.server_name }}
      private_key: /etc/dendrite/secrets/signing.key
      key_id: ed25519:auto
      key_validity_period: {{ .Values.global.key_validity_period | quote }}
      database:
        connection_string: {{ $connectionString }}?sslmode=disable
        max_open_conns: {{ default 90 .Values.global.database.max_open_conns }}
        max_idle_conns: {{ default 5 .Values.global.database.max_idle_conns }}
        conn_max_lifetime: {{ default -1 .Values.global.database.conn_max_lifetime }}
      cache:
        max_size_estimated: {{ default "1gb" .Values.global.cache.max_size_estimated | quote }}
        max_age: {{ default "1h" .Values.global.cache.max_age }}
      well_known_server_name: {{ default "" .Values.global.well_known_server_name | quote }}
      well_known_client_name: {{ default "" .Values.global.well_known_client_name | quote }}
      trusted_third_party_id_servers:
      {{- toYaml .Values.global.trusted_third_party_id_servers | nindent 8 }}
      disable_federation: {{ .Values.global.disable_federation }}
      report_stats:
        {{- toYaml .Values.global.report_stats | nindent 8 }}
      presence:
        {{- toYaml .Values.global.presence | nindent 8 }}
      server_notices:
        {{- toYaml .Values.global.server_notices | nindent 8 }}
      jetstream:
        in_memory: false
        storage_path: /data/jetstream
      metrics:
        {{- toYaml .Values.global.metrics | nindent 8 }}
      dns_cache:
        {{- toYaml .Values.global.dns_cache | nindent 8 }}
    mscs:
      mscs:
        {{- toYaml .Values.global.mscs | nindent 8 }}
    app_service_api:
      config_files:
        {{- range $x, $y := .Files.Glob "appservices/*" }}
          - /etc/dendrite/appservices/{{ base $x }}
        {{ end }}
    client_api:
    {{- with .Values.clientapi }}
      registration_disabled: {{ .registration_disabled }}
      guests_disabled: {{ .guests_disabled }}
      registration_shared_secret: {{ .shared_secret | quote }}
      enable_registration_captcha:  {{ .enable_registration_captcha }}
      recaptcha_public_key: {{ .recaptcha_public_key | quote }}
      recaptcha_private_key: {{ .recaptcha_private_key | quote}}
      recaptcha_bypass_secret: {{ .recaptcha_bypass_secret | quote}}
      recaptcha_siteverify_api: {{ .recaptcha_siteverify_api | quote}}
      turn:
        {{- toYaml .turn | nindent 8 }}
      rate_limiting:
        {{- toYaml .rate_limiting | nindent 8 }}
    {{ end }}
    federation_api:
      #federation_certificates: []
      send_max_retries: {{ default 16 .Values.federationapi.send_max_retries }}
      disable_tls_validation: {{ default false .Values.federationapi.disable_tls_validation }}
      key_perspectives:
      - server_name: matrix.org
        keys:
        - key_id: ed25519:auto
          public_key: Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw
        - key_id: ed25519:a_RXGa
          public_key: l8Hft5qXKn1vfHrg3p4+W8gELQVo8N13JkluMfmn2sQ 
      prefer_direct_fetch: {{ .Values.federationapi.prefer_direct_fetch }}
    media_api:
      base_path: /data/media_store
      max_file_size_bytes: {{ int (default "10485760" .Values.mediaapi.max_file_size_bytes) }}
      dynamic_thumbnails: {{ .Values.mediaapi.dynamic_thumbnails }}
      max_thumbnail_generators: {{ .Values.mediaapi.max_thumbnail_generators }}
      thumbnail_sizes:
        {{- toYaml .Values.mediaapi.thumbnail_sizes | nindent 8 }}
    room_server:
    sync_api:
      real_ip_header: {{ .Values.syncapi.real_ip_header }}
      search:
        enabled: {{ default false .Values.syncapi.search.enabled }}
        index_path: /data/search
        language: {{ default "en" .Values.syncapi.search.language }}
    tracing:
      {{- toYaml .Values.global.tracing | nindent 6 }}
    logging:
    {{- if .Values.global.logging }}
    {{- toYaml .Values.global.logging | nindent 4 }}
    {{ end }}