diff --git a/charts/dendrite/Chart.yaml b/charts/dendrite/Chart.yaml
new file mode 100644
index 000000000..d3f10bfee
--- /dev/null
+++ b/charts/dendrite/Chart.yaml
@@ -0,0 +1,81 @@
+---
+apiVersion: v2
+appVersion: v0.9.4
+description: Dendrite Matrix Homeserver
+name: dendrite
+version: 7.1.2
+kubeVersion: ">=1.19.0-0"
+keywords:
+ - dendrite
+ - matrix
+ - homeserver
+ - monolith
+ - federation
+ - polylith
+home: https://github.com/samipsolutions/helm-charts/tree/master/charts/stable/dendrite
+maintainers:
+ - name: Skyler Mäntysaari
+ url: https://github.com/samip5
+sources:
+ - https://github.com/matrix-org/dendrite
+ - https://github.com/matrix-org/dendrite/tree/master/build/docker
+dependencies:
+ - name: common
+ repository: https://bjw-s.github.io/helm-charts/
+ version: 0.1.0
+ - name: nats
+ version: 0.17.5
+ repository: https://nats-io.github.io/k8s/helm/charts/
+ condition: nats.enabled
+ # Client API
+ - name: common
+ repository: https://bjw-s.github.io/helm-charts/
+ version: 0.1.0
+ alias: clientapi
+ condition: dendrite.polylithEnabled
+ # Media API
+ - name: common
+ repository: https://bjw-s.github.io/helm-charts/
+ version: 0.1.0
+ alias: mediaapi
+ condition: dendrite.polylithEnabled
+ # Sync API
+ - name: common
+ repository: https://bjw-s.github.io/helm-charts/
+ version: 0.1.0
+ alias: syncapi
+ condition: dendrite.polylithEnabled
+ # Room Server
+ - name: common
+ repository: https://bjw-s.github.io/helm-charts/
+ version: 0.1.0
+ alias: roomserver
+ condition: dendrite.polylithEnabled
+ # Federation API
+ - name: common
+ repository: https://bjw-s.github.io/helm-charts/
+ version: 0.1.0
+ alias: federationapi
+ condition: dendrite.polylithEnabled
+ # Key Server
+ - name: common
+ repository: https://bjw-s.github.io/helm-charts/
+ version: 0.1.0
+ alias: keyserver
+ condition: dendrite.polylithEnabled
+ # User API
+ - name: common
+ repository: https://bjw-s.github.io/helm-charts/
+ version: 0.1.0
+ alias: userapi
+ condition: dendrite.polylithEnabled
+ # App Service API
+ - name: common
+ repository: https://bjw-s.github.io/helm-charts/
+ version: 0.1.0
+ alias: appserviceapi
+ condition: dendrite.polylithEnabled
+annotations:
+ artifacthub.io/changes: |-
+ - kind: changed
+ description: Upgrade nats chart dep.
diff --git a/charts/dendrite/README.md b/charts/dendrite/README.md
new file mode 100644
index 000000000..f72380acb
--- /dev/null
+++ b/charts/dendrite/README.md
@@ -0,0 +1,257 @@ +# dendrite + +![Version: 7.1.1](https://img.shields.io/badge/Version-7.1.1-informational?style=flat-square) ![AppVersion: v0.9.4](https://img.shields.io/badge/AppVersion-v0.9.4-informational?style=flat-square) + +Dendrite Matrix Homeserver + +**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/samipsolutions/helm-charts/issues/new/choose)** + +## Source Code + +* +* + +## Requirements + +Kubernetes: `>=1.19.0-0` + +## Dependencies + +| Repository | Name | Version | +|------------|------|---------| +| https://bjw-s.github.io/helm-charts/ | common | 0.1.0 | +| https://bjw-s.github.io/helm-charts/ | keyserver(common) | 0.1.0 | +| https://bjw-s.github.io/helm-charts/ | clientapi(common) | 0.1.0 | +| https://bjw-s.github.io/helm-charts/ | mediaapi(common) | 0.1.0 | +| https://bjw-s.github.io/helm-charts/ | syncapi(common) | 0.1.0 | +| https://bjw-s.github.io/helm-charts/ | roomserver(common) | 0.1.0 | +| https://bjw-s.github.io/helm-charts/ | federationapi(common) | 0.1.0 | +| https://bjw-s.github.io/helm-charts/ | userapi(common) | 0.1.0 | +| https://bjw-s.github.io/helm-charts/ | appserviceapi(common) | 0.1.0 | +| https://nats-io.github.io/k8s/helm/charts/ | nats | 0.17.1 | + +## TL;DR + +```console +helm repo add samipsolutions https://helm.samipsolutions.fi/ +helm repo update +helm install dendrite samipsolutions/dendrite +``` + +## Installing the Chart + +To install the chart with the release name `dendrite` + +```console +helm install dendrite samipsolutions/dendrite +``` + +## Uninstalling the Chart + +To uninstall the `dendrite` deployment + +```console +helm uninstall dendrite +``` + +The command removes all the Kubernetes components associated with the chart **including persistent volumes** and deletes the release. + +## Configuration + +Read through the [values.yaml](./values.yaml) file. It has several commented out suggested values. 
+Other values may be used from the [values.yaml](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml) from the [common library](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common). + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +```console +helm install dendrite \ + --set env.TZ="America/New York" \ + samipsolutions/dendrite +``` + +Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. + +```console +helm install dendrite samipsolutions/dendrite -f values.yaml +``` + +## Custom configuration + +### Polylith Ingress + +Due to the complexity of setting up ingress for each individual component it +is left up to the individual to add the necessary ingress fields to polylith deployments. + +For more information see: +- https://github.com/matrix-org/dendrite/blob/master/docs/INSTALL.md#nginx-or-other-reverse-proxy +- and https://github.com/matrix-org/dendrite/blob/master/docs/nginx/polylith-sample.conf + +## Values + +**Important**: When deploying an application Helm chart you can add more values from our common library chart [here](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common) + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| appserviceapi | object | See values.yaml | Configure the app service api. For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) | +| appserviceapi.database | object | See values.yaml | Override general dendrite.database parameters. 
| +| appserviceapi.database.conn_max_lifetime | string | dendrite.database.conn_max_lifetime | Maximum connection lifetime | +| appserviceapi.database.connection_string | string | file or derived from included postgresql deployment | Custom connection string | +| appserviceapi.database.max_idle_conns | string | dendrite.database.max_idle_conns | Maximum dile connections | +| appserviceapi.database.max_open_conns | string | dendrite.database.max_open_conns | Maximum open connections | +| appserviceapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy | +| appserviceapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository | +| appserviceapi.image.tag | string | chart.appVersion | image tag | +| clientapi | object | See values.yaml | Configuration for the client api component. For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) | +| clientapi.config.captcha | object | See values.yaml | Configure captcha for registration | +| clientapi.config.rate_limiting | object | values.yaml | Configure rate limiting. | +| clientapi.config.registration_disabled | bool | `true` | Enable or disable registration for this homeserver. | +| clientapi.config.registration_shared_secret | string | `""` | Shared secret that allows registration, despite registration_disabled. | +| clientapi.config.turn | object | See values.yaml | Configure TURN | +| clientapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy | +| clientapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository | +| clientapi.image.tag | string | chart.appVersion | image tag | +| database.conn_max_lifetime | int | `-1` | | +| database.connection_string | string | `"file:dendrite?sslmode=disable"` | | +| database.max_idle_conns | int | `2` | | +| database.max_open_conns | int | `100` | | +| dendrite | object | See values.yaml | Configuration for Dendrite. 
For more information see [the sample denrite-config.yaml](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) | +| dendrite.global | object | See values.yaml | Configure the global settings for dendrite. | +| dendrite.global.cache | object | `{"max_age":"1h","max_size_estimated":"1gb"}` | Congigure the in-memory caches | +| dendrite.global.cache.max_age | string | `"1h"` | The maximum amount of time that a cache entry can live for in memory | +| dendrite.global.cache.max_size_estimated | string | `"1gb"` | Configure the maximum estimated cache size (not a hard limit) | +| dendrite.global.disable_federation | bool | `false` | Disables federation | +| dendrite.global.dns_cache | object | See values.yaml | Configure DNS cache. | +| dendrite.global.dns_cache.enabled | bool | See values.yaml | If enabled, dns cache will be enabled. | +| dendrite.global.key_validity_period | string | `"168h0m0s"` | Configure the key_validity period | +| dendrite.global.metrics | object | See values.yaml | Configure prometheus metrics collection for dendrite. | +| dendrite.global.metrics.enabled | bool | See values.yaml | If enabled, metrics collection will be enabled | +| dendrite.global.mscs | list | `[]` | Configure experimental MSC's | +| dendrite.global.presence | object | `{"enable_inbound":false,"enable_outbound":false}` | Configure handling of presence events | +| dendrite.global.presence.enable_inbound | bool | `false` | Whether inbound presence events are allowed, e.g. receiving presence events from other servers | +| dendrite.global.presence.enable_outbound | bool | `false` | Whether outbound presence events are allowed, e.g. sending presence events to other servers | +| dendrite.global.server_name | string | `"localhost"` | (required) Configure the server name for the dendrite instance. 
| +| dendrite.global.server_notices | object | `{"avatar_url":"","display_name":"Server alerts","enabled":false,"local_part":"_server","room_name":"Server Alerts"}` | Server notices allows server admins to send messages to all users. | +| dendrite.global.server_notices.avatar_url | string | `""` | The mxid of the avatar to use | +| dendrite.global.server_notices.display_name | string | `"Server alerts"` | The displayname to be used when sending notices | +| dendrite.global.server_notices.local_part | string | `"_server"` | The server localpart to be used when sending notices, ensure this is not yet taken | +| dendrite.global.server_notices.room_name | string | `"Server Alerts"` | The roomname to be used when creating messages | +| dendrite.global.trusted_third_party_id_servers | list | `["matrix.org","vector.im"]` | Configure the list of domains the server will trust as identity servers | +| dendrite.global.well_known_client_name | string | `""` | Configure the well-known client name and optional port | +| dendrite.global.well_known_server_name | string | `""` | Configure the well-known server name and optional port | +| dendrite.logging | list | See values.yaml | Configure logging. | +| dendrite.matrix_key_secret.create | bool | `false` | Create matrix_key secret using the keyBody below. | +| dendrite.matrix_key_secret.existingSecret | string | `""` | Use an existing secret | +| dendrite.matrix_key_secret.keyBody | string | `""` | New Key Body | +| dendrite.matrix_key_secret.secretPath | string | `"matrix_key.pem"` | Field in the secret to get the key from | +| dendrite.polylithEnabled | bool | `false` | Enable polylith deployment | +| dendrite.polylith_ingress | object | See values.yaml | Enable and configure polylith ingress as per https://github.com/matrix-org/dendrite/blob/main/docs/nginx/polylith-sample.conf | +| dendrite.polylith_ingress.syncapi_paths | list | See values.yaml | Sync API Paths are a little tricky since they require regular expressions. 
Therefore the paths will depend on the ingress controller used. See values.yaml for nginx and traefik. | +| dendrite.report_stats | object | `{"enabled":false,"endpoint":""}` | Usage statistics reporting configuration | +| dendrite.report_stats.enabled | bool | false | Enable or disable usage reporting | +| dendrite.report_stats.endpoint | string | `""` | Push endpoint for usage statistics | +| dendrite.tls_secret | object | See values.yaml | If enabled, use an existing secrets for the TLS certificate and key. Otherwise, to enable TLS a `server.crt` and `server.key` must be mounted at `/etc/dendrite`. | +| dendrite.tracing | object | See values.yaml | Configure opentracing. | +| federationapi | object | values.yaml | Configure the Federation API For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) | +| federationapi.database | object | See values.yaml | Override general dendrite.database parameters. | +| federationapi.database.conn_max_lifetime | string | dendrite.database.conn_max_lifetime | Maximum connection lifetime | +| federationapi.database.connection_string | string | file or derived from included postgresql deployment | Custom connection string | +| federationapi.database.max_idle_conns | string | dendrite.database.max_idle_conns | Maximum dile connections | +| federationapi.database.max_open_conns | string | dendrite.database.max_open_conns | Maximum open connections | +| federationapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy | +| federationapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository | +| federationapi.image.tag | string | chart.appVersion | image tag | +| image | object | `{"pullPolicy":"IfNotPresent","repository":"ghcr.io/matrix-org/dendrite-monolith","tag":null}` | IMPORTANT NOTE This chart inherits from our common library chart. 
You can check the default values/options here: https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml | +| image.pullPolicy | string | `"IfNotPresent"` | image pull policy | +| image.repository | string | `"ghcr.io/matrix-org/dendrite-monolith"` | image repository | +| image.tag | string | chart.appVersion | image tag | +| ingress.main | object | See values.yaml | (Monolith Only) Enable and configure ingress settings for the chart under this key. | +| keyserver | object | See values.yaml | Configure the key server. For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) | +| keyserver.database | object | See values.yaml | Override general dendrite.database parameters. | +| keyserver.database.conn_max_lifetime | string | dendrite.database.conn_max_lifetime | Maximum connection lifetime | +| keyserver.database.connection_string | string | file or derived from included postgresql deployment | Custom connection string | +| keyserver.database.max_idle_conns | string | dendrite.database.max_idle_conns | Maximum dile connections | +| keyserver.database.max_open_conns | string | dendrite.database.max_open_conns | Maximum open connections | +| keyserver.image.pullPolicy | string | `"IfNotPresent"` | image pull policy | +| keyserver.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository | +| keyserver.image.tag | string | chart.appVersion | image tag | +| mediaapi | object | values.yaml | Configure the Media API For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) | +| mediaapi.database | object | See values.yaml | Override general dendrite.database parameters. 
| +| mediaapi.database.conn_max_lifetime | string | dendrite.database.conn_max_lifetime | Maximum connection lifetime | +| mediaapi.database.connection_string | string | file or derived from included postgresql deployment | Custom connection string | +| mediaapi.database.max_idle_conns | string | dendrite.database.max_idle_conns | Maximum dile connections | +| mediaapi.database.max_open_conns | string | dendrite.database.max_open_conns | Maximum open connections | +| mediaapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy | +| mediaapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository | +| mediaapi.image.tag | string | chart.appVersion | image tag | +| mscs | object | values.yaml | Configuration for experimental MSCs For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) | +| mscs.database | object | See values.yaml | Override general dendrite.database parameters. | +| mscs.database.conn_max_lifetime | string | dendrite.database.conn_max_lifetime | Maximum connection lifetime | +| mscs.database.connection_string | string | file or derived from included postgresql deployment | Custom connection string | +| mscs.database.max_idle_conns | string | dendrite.database.max_idle_conns | Maximum dile connections | +| mscs.database.max_open_conns | string | dendrite.database.max_open_conns | Maximum open connections | +| nats.enabled | bool | See value.yaml | Enable and configure NATS for dendrite. Can be disabled for monolith deployments - an internal NATS server will be used in its place. | +| nats.nats.image | string | `"nats:2.7.1-alpine"` | | +| nats.nats.jetstream.enabled | bool | `true` | | +| persistence | object | See values.yaml | Configure persistence settings for the chart under this key. | +| persistence.jetstream | object | See values.yaml | Configure Jetsream persistence. This is highly recommended in production. 
| +| roomserver | object | values.yaml | Configure the Room Server For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) | +| roomserver.database | object | See values.yaml | Override general dendrite.database parameters. | +| roomserver.database.conn_max_lifetime | string | dendrite.database.conn_max_lifetime | Maximum connection lifetime | +| roomserver.database.connection_string | string | file or derived from included postgresql deployment | Custom connection string | +| roomserver.database.max_idle_conns | string | dendrite.database.max_idle_conns | Maximum dile connections | +| roomserver.database.max_open_conns | string | dendrite.database.max_open_conns | Maximum open connections | +| roomserver.image.pullPolicy | string | `"IfNotPresent"` | image pull policy | +| roomserver.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository | +| roomserver.image.tag | string | chart.appVersion | image tag | +| service | object | See values.yaml | If added dendrite will start a HTTP and HTTPS listener args: - "--tls-cert=server.crt" - "--tls-key=server.key" -- Configures service settings for the chart. | +| service.main.ports.http | object | See values.yaml | Configures the default HTTP listener for dendrite | +| service.main.ports.https | object | See values.yaml | Configures the HTTPS listener for dendrite | +| syncapi | object | values.yaml | Configure the Sync API For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) | +| syncapi.database | object | See values.yaml | Override general dendrite.database parameters. 
| +| syncapi.database.conn_max_lifetime | string | dendrite.database.conn_max_lifetime | Maximum connection lifetime | +| syncapi.database.connection_string | string | file or derived from included postgresql deployment | Custom connection string | +| syncapi.database.max_idle_conns | string | dendrite.database.max_idle_conns | Maximum dile connections | +| syncapi.database.max_open_conns | string | dendrite.database.max_open_conns | Maximum open connections | +| syncapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy | +| syncapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository | +| syncapi.image.tag | string | chart.appVersion | image tag | +| userapi | object | values.yaml | Configure the User API For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) | +| userapi.config.bcrypt_cost | int | 10 | bcrypt cost (2^[cost] = rounds) | +| userapi.database | object | See values.yaml | Override general dendrite.database parameters. 
| +| userapi.database.conn_max_lifetime | string | dendrite.database.conn_max_lifetime | Maximum connection lifetime | +| userapi.database.connection_string | string | file or derived from included postgresql deployment | Custom connection string | +| userapi.database.max_idle_conns | string | dendrite.database.max_idle_conns | Maximum dile connections | +| userapi.database.max_open_conns | string | dendrite.database.max_open_conns | Maximum open connections | +| userapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy | +| userapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository | +| userapi.image.tag | string | chart.appVersion | image tag | + +## Changelog + +### Version 7.1.1 + +#### Added + +N/A + +#### Changed + +N/A + +#### Fixed + +* Global database config + +### Older versions + +A historical overview of changes can be found on [ArtifactHUB](https://artifacthub.io/packages/helm/samipsolutions/dendrite?modal=changelog) + +## Support + +- See the [Docs](https://docs.k8s-at-home.com/our-helm-charts/getting-started/) +- Open an [issue](https://github.com/samipsolutions/helm-charts/issues/new/choose) +- Ask a [question](https://github.com/k8s-at-home/organization/discussions) +- Join our [Discord](https://discord.gg/sTMX7Vh) community + +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v0.1.1](https://github.com/k8s-at-home/helm-docs/releases/v0.1.1) diff --git a/charts/dendrite/README_CONFIG.md.gotmpl b/charts/dendrite/README_CONFIG.md.gotmpl new file mode 100644 index 000000000..0664a3ebc --- /dev/null +++ b/charts/dendrite/README_CONFIG.md.gotmpl 
@@ -0,0 +1,17 @@
+{{- define "custom.custom.configuration.header" -}}
+## Custom configuration
+{{- end -}}
+
+{{- define "custom.custom.configuration" -}}
+{{ template "custom.custom.configuration.header" . }}
+
+### Polylith Ingress
+
+Due to the complexity of setting up ingress for each individual component it
+is left up to the individual to add the necessary ingress fields to polylith deployments.
+
+For more information see:
+- https://github.com/matrix-org/dendrite/blob/master/docs/INSTALL.md#nginx-or-other-reverse-proxy
+- and https://github.com/matrix-org/dendrite/blob/master/docs/nginx/polylith-sample.conf
+
+{{- end -}}
diff --git a/charts/dendrite/ci/ct-values.yaml b/charts/dendrite/ci/ct-values.yaml
new file mode 100644
index 000000000..8b2f8a3ba
--- /dev/null
+++ b/charts/dendrite/ci/ct-values.yaml
@@ -0,0 +1,10 @@
+---
+dendrite:
+ matrix_key_secret:
+ create: true
+ keyBody: |
+ -----BEGIN MATRIX PRIVATE KEY-----
+ Key-ID: ed25519:P8gZqV
+
+ qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
+ -----END MATRIX PRIVATE KEY-----
diff --git a/charts/dendrite/ci/nats-values.yaml b/charts/dendrite/ci/nats-values.yaml
new file mode 100644
index 000000000..ae1b22f8a
--- /dev/null
+++ b/charts/dendrite/ci/nats-values.yaml
@@ -0,0 +1,12 @@
+---
+dendrite:
+ matrix_key_secret:
+ create: true
+ keyBody: |
+ -----BEGIN MATRIX PRIVATE KEY-----
+ Key-ID: ed25519:P8gZqV
+
+ qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
+ -----END MATRIX PRIVATE KEY-----
+nats:
+ enabled: true
diff --git a/charts/dendrite/ci/polylith-basic-values.yaml b/charts/dendrite/ci/polylith-basic-values.yaml
new file mode 100644
index 000000000..c140ba0d7
--- /dev/null
+++ b/charts/dendrite/ci/polylith-basic-values.yaml
@@ -0,0 +1,13 @@
+---
+dendrite:
+ polylithEnabled: true
+ matrix_key_secret:
+ create: true
+ keyBody: |
+ -----BEGIN MATRIX PRIVATE KEY-----
+ Key-ID: ed25519:P8gZqV
+
+ qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
+ -----END MATRIX PRIVATE KEY-----
+nats:
+ enabled: true
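Review bot: `keyBody` in ci/ct-values.yaml commits a complete ed25519 Matrix signing key (`Key-ID: ed25519:P8gZqV`), and the identical key is repeated in ci/nats-values.yaml, ci/polylith-basic-values.yaml and ci/polylith-full-values.yaml. For a chart-testing fixture that can be acceptable, but nothing in these files marks the key as a throwaway, so secret scanners will flag it and a user who copies a CI values file ends up signing federation traffic with a key that is public. I would add `# CI-only throwaway key, published in this repository; never reuse for a real homeserver` above each `keyBody`, or have the CI job generate the key at test time and pass it with `--set-file`. If this key was ever used by a real deployment it should be treated as compromised and rotated.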
diff --git a/charts/dendrite/ci/polylith-full-values.yaml b/charts/dendrite/ci/polylith-full-values.yaml
new file mode 100644
index 000000000..ed21cd472
--- /dev/null
+++ b/charts/dendrite/ci/polylith-full-values.yaml
@@ -0,0 +1,19 @@
+---
+dendrite:
+ polylithEnabled: true
+ matrix_key_secret:
+ create: true
+ keyBody: |
+ -----BEGIN MATRIX PRIVATE KEY-----
+ Key-ID: ed25519:P8gZqV
+
+ qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
+ -----END MATRIX PRIVATE KEY-----
+ polylith_ingress:
+ enabled: true
+ host: matrix.k8s-at-home.org
+nats:
+ enabled: true
+persistence:
+ jetstream:
+ enabled: true
diff --git a/charts/dendrite/templates/NOTES.txt b/charts/dendrite/templates/NOTES.txt
new file mode 100644
index 000000000..90f7b653a
--- /dev/null
+++ b/charts/dendrite/templates/NOTES.txt
@@ -0,0 +1 @@
+{{- include "common.notes.defaultNotes" . -}}
diff --git a/charts/dendrite/templates/_helper.tpl b/charts/dendrite/templates/_helper.tpl
new file mode 100644
index 000000000..cf7c454f9
--- /dev/null
+++ b/charts/dendrite/templates/_helper.tpl
@@ -0,0 +1,3 @@
+{{- define "dendrite.names.key" -}}
+ {{- default (printf "%s-key" (include "common.names.fullname" .)) .Values.dendrite.matrix_key_secret.existingSecret -}}
+{{- end -}}
diff --git a/charts/dendrite/templates/common.yaml b/charts/dendrite/templates/common.yaml
new file mode 100644
index 000000000..ce67785e2
--- /dev/null
+++ b/charts/dendrite/templates/common.yaml
@@ -0,0 +1,77 @@
+{{- if .Values.dendrite.polylithEnabled }}
+ {{ $components := list "clientapi" "appserviceapi" "federationapi" "userapi" "keyserver" "mediaapi" "syncapi" "roomserver" }}
+ {{- range $components }}
+ {{- include "common.values.setup" (index $.Subcharts .) }}
+ {{- with (index $.Values .) }}
+ {{- with .image }}
+ {{- $_ := set . "tag" (default $.Chart.AppVersion .tag) -}}
+ {{- end -}}
+ {{- if not .persistence }}
+ {{- $_ := set . "persistence" (dict)}}
+ {{- end }}
+ {{- $_ := set .persistence "dendrite-key" (include "dendrite.keyVolume" $ | fromYaml) -}}
+ {{- $_ := set .persistence "dendrite-config" (include "dendrite.configVolume" $ | fromYaml) -}}
+ {{- $_ := set .persistence "dendrite-tls" (include "dendrite.tlsVolume" $ | fromYaml) -}}
+ {{- $_ := set .persistence "jetstream" $.Values.persistence.jetstream -}}
+ {{- end }}
+ {{- include "common.all" (index $.Subcharts .) }}
+ {{- end }}
+ {{- with (index $.Values "mediaapi") }}
+ {{- $_ := set .persistence "media" $.Values.persistence.media -}}
+ {{- end }}
+{{- else }}
+ {{ include "common.values.setup" . }}
+ {{- $_ := set .Values.persistence "dendrite-key" (include "dendrite.keyVolume" . | fromYaml) -}}
+ {{- $_ := set .Values.persistence "dendrite-config" (include "dendrite.configVolume" . | fromYaml) -}}
+ {{- $_ := set .Values.persistence "dendrite-tls" (include "dendrite.tlsVolume" . | fromYaml) -}}
+ {{ include "common.all" . }}
+{{- end }}
+{{- define "dendrite.hardcodedValues" -}}
+probes:
+ liveness:
+ enabled: true
+ custom: true
+ spec:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ timeoutSeconds: 5
+ failureThreshold: 10
+ httpGet:
+ path: /_dendrite/monitor/health
+ {{- if .Values.dendrite.polylithEnabled }}
+ port: internal
+ {{ else }}
+ port: http
+ {{ end }}
+ readiness:
+ enabled: true
+ custom: true
+ spec:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ timeoutSeconds: 5
+ failureThreshold: 10
+ httpGet:
+ path: /_dendrite/monitor/health
+ {{- if .Values.dendrite.polylithEnabled }}
+ port: internal
+ {{ else }}
+ port: http
+ {{ end }}
+ startup:
+ enabled: true
+ custom: true
+ spec:
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ timeoutSeconds: 5
+ failureThreshold: 10
+ httpGet:
+ path: /_dendrite/monitor/up
+ {{- if .Values.dendrite.polylithEnabled }}
+ port: internal
+ {{ else }}
+ port: http
+ {{ end }}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values (include "dendrite.hardcodedValues" . | fromYaml) -}}
diff --git a/charts/dendrite/templates/dendrite-config.yaml b/charts/dendrite/templates/dendrite-config.yaml
new file mode 100644
index 000000000..4dd223d6e
--- /dev/null
+++ b/charts/dendrite/templates/dendrite-config.yaml
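Review bot: In templates/common.yaml the closing `{{- $_ := mergeOverwrite .Values (include "dendrite.hardcodedValues" . | fromYaml) -}}` executes after both `common.all` includes, so the liveness, readiness and startup probes from `dendrite.hardcodedValues` appear to be merged only once the manifests have already been rendered. The same ordering affects `{{- $_ := set .persistence "media" $.Values.persistence.media -}}`, which sits after the `range` that has already rendered `mediaapi`. In polylith mode the merge also targets the parent `.Values` while the components are rendered from `$.Subcharts`, so the probes would probably need to be set per component inside the `with (index $.Values .)` block. I would move the merge above the opening `if` and the media volume into the loop, then confirm the rendered probes and volumes with `helm template` in both modes.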
@@ -0,0 +1,208 @@ +{{- $componentSpecificDatabaseConfig := or .Values.dendrite.polylithEnabled -}} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "common.names.fullname" . }}-config +type: Opaque +stringData: + dendrite.yaml: | + version: 2 + global: + server_name: {{ required "A server_name must be provided." .Values.dendrite.global.server_name | quote }} + private_key: matrix_key.pem + key_validity_period: {{ default "168h0m0s" .Values.dendrite.global.key_validity_period | quote }} + cache: + max_size_estimated: {{ default "1gb" .Values.dendrite.global.cache.max_size_estimated | quote }} + max_age: {{ default "1h" .Values.dendrite.global.cache.max_age | quote }} + well_known_server_name: {{ default "" .Values.dendrite.global.well_known_server_name | quote }} + well_known_client_name: {{ default "" .Values.dendrite.global.well_known_client_name | quote }} + trusted_third_party_id_servers: + {{- toYaml .Values.dendrite.global.trusted_third_party_id_servers | nindent 8 }} + disable_federation: {{ default false .Values.dendrite.global.disable_federation }} + presence: + enable_inbound: {{ default false .Values.dendrite.global.presence.enable_inbound}} + enable_outbound: {{ default false .Values.dendrite.global.presence.enable_outbound }} + report_stats: + enabled: {{ default false .Values.dendrite.report_stats.enabled }} + endpoint: {{ default "https://matrix.org/report-usage-stats/push" .Values.dendrite.report_stats.endpoint }} + server_notices: + enabled: {{ default false .Values.dendrite.global.server_notices.enabled }} + local_part: {{ default "_server" .Values.dendrite.global.server_notices.local_part | quote }} + display_name: {{ default "Server alerts" .Values.dendrite.global.server_notices.display_name | quote }} + avatar_url: {{ default "" .Values.dendrite.global.server_notices.avatar_url | quote }} + room_name: {{ default "Server Alerts" .Values.dendrite.global.server_notices.room_name | quote }} + jetstream: + addresses: + {{- if 
.Values.nats.enabled }} + - {{ template "common.names.fullname" $.Subcharts.nats }}:4222 + {{- else }} + [] + {{- end }} + in_memory: {{ not .Values.persistence.jetstream.enabled }} + storage_path: {{ .Values.persistence.jetstream.mountPath }} + topic_prefix: "Dendrite" + metrics: + enabled: {{ default false .Values.dendrite.global.metrics.enabled }} + basic_auth: + username: {{ default "metrics" .Values.dendrite.global.metrics.basic_auth.username | quote }} + password: {{ default "metrics" .Values.dendrite.global.metrics.basic_auth.password | quote }} + dns_cache: + enabled: {{ default false .Values.dendrite.global.dns_cache.enabled }} + cache_size: {{ default 256 .Values.dendrite.global.dns_cache.cache_size }} + cache_lifetime: {{ default "5m" .Values.dendrite.global.dns_cache.cache_lifetime }} + {{- if not $componentSpecificDatabaseConfig }} + database: + connection_string: {{ .Values.database.connection_string }} + max_open_conns: {{ default 100 .Values.database.max_open_conns }} + max_idle_conns: {{ default 5 .Values.database.max_idle_conns }} + conn_max_lifetime: {{default -1 .Values.database.conn_max_lifetime }} + {{- end }} + app_service_api: + {{- if .Values.dendrite.polylithEnabled }} + internal_api: + listen: http://0.0.0.0:{{ .Values.appserviceapi.service.main.ports.internal.port }} + connect: http://{{ include "common.names.fullname" (index $.Subcharts "appserviceapi") }}:{{ .Values.appserviceapi.service.main.ports.internal.port }} + {{- end }} + {{- if $componentSpecificDatabaseConfig }} + database: + connection_string: {{ .Values.appserviceapi.database.connection_string }} + max_open_conns: {{ default .Values.dendrite.database.max_open_conns .Values.appserviceapi.database.max_open_conns }} + max_idle_conns: {{ default .Values.dendrite.database.max_idle_conns .Values.appserviceapi.database.max_idle_conns }} + conn_max_lifetime: {{ default .Values.dendrite.database.conn_max_lifetime .Values.appserviceapi.database.conn_max_lifetime }} + {{- end }} + 
config_files: {{- toYaml .Values.appserviceapi.config.config_files | nindent 8 }} + client_api: + {{- if .Values.dendrite.polylithEnabled }} + internal_api: + listen: http://0.0.0.0:{{ .Values.clientapi.service.main.ports.internal.port }} + connect: http://{{ include "common.names.fullname" (index $.Subcharts "clientapi") }}:{{ .Values.clientapi.service.main.ports.internal.port }} + external_api: + listen: http://0.0.0.0:{{ .Values.clientapi.service.main.ports.external.port }} + {{- end }} + registration_disabled: {{ .Values.clientapi.config.registration_disabled }} + registration_shared_secret: {{ default "" .Values.clientapi.config.registration_shared_secret | quote }} + enable_registration_captcha: {{ default false .Values.clientapi.config.captcha.enabled }} + recaptcha_public_key: {{ default "" .Values.clientapi.config.captcha.recaptcha_public_key | quote }} + recaptcha_private_key: {{ default "" .Values.clientapi.config.captcha.recaptcha_private_key | quote }} + recaptcha_bypass_secret: {{ default "" .Values.clientapi.config.captcha.recaptcha_bypass_secret | quote }} + recaptcha_siteverify_api: {{ default "" .Values.clientapi.config.captcha.recaptcha_siteverify_api | quote }} + turn: {{- toYaml .Values.clientapi.config.turn | nindent 8 }} + rate_limiting: + enabled: {{ default true .Values.clientapi.config.rate_limiting.enabled }} + threshold: {{ default 5 .Values.clientapi.config.rate_limiting.threshold }} + cooloff_ms: {{ default 500 .Values.clientapi.config.rate_limiting.cooloff_ms }} + exempt_user_ids: {{ .Values.clientapi.config.exempt_user_ids }} + federation_api: + {{- if .Values.dendrite.polylithEnabled }} + internal_api: + listen: http://0.0.0.0:7772 + connect: http://{{ include "common.names.fullname" (index $.Subcharts "federationapi") }}:7772 + external_api: + listen: http://0.0.0.0:8072 + conn_max_lifetime: {{ default .Values.dendrite.database.conn_max_lifetime .Values.federationapi.database.conn_max_lifetime }} + federation_certificates: {{- 
toYaml .Values.federationapi.config.federation_certificates | nindent 8 }} + proxy_outbound: + enabled: {{ default false .Values.federationapi.config.proxy_outbound.enabled }} + protocol: {{ default "http" .Values.federationapi.config.proxy_outbound.protocol | quote }} + host: {{ default "localhost" .Values.federationapi.config.proxy_outbound.host | quote }} + port: {{ default 8080 .Values.federationapi.config.proxy_outbound.port }} + {{- end }} + {{- if $componentSpecificDatabaseConfig }} + database: + connection_string: {{ .Values.federationapi.database.connection_string }} + max_open_conns: {{ default .Values.dendrite.database.max_open_conns .Values.federationapi.database.max_open_conns }} + max_idle_conns: {{ default .Values.dendrite.database.max_idle_conns .Values.federationapi.database.max_idle_conns }} + {{- end }} + send_max_retries: {{ default 16 .Values.federationapi.config.send_max_retries }} + disable_tls_validation: {{ default false .Values.federationapi.config.disable_tls_validation }} + key_perspectives: {{- toYaml .Values.federationapi.config.key_perspectives | nindent 8 }} + prefer_direct_fetch: {{ default false .Values.federationapi.config.prefer_direct_fetch }} + key_server: + {{- if .Values.dendrite.polylithEnabled }} + internal_api: + listen: http://0.0.0.0:7779 + connect: http://{{ include "common.names.fullname" (index $.Subcharts "keyserver") }}:7779 + {{- end }} + {{- if $componentSpecificDatabaseConfig }} + database: + connection_string: {{ .Values.keyserver.database.connection_string }} + max_open_conns: {{ default .Values.dendrite.database.max_open_conns .Values.keyserver.database.max_open_conns }} + max_idle_conns: {{ default .Values.dendrite.database.max_idle_conns .Values.keyserver.database.max_idle_conns }} + conn_max_lifetime: {{ default .Values.dendrite.database.conn_max_lifetime .Values.keyserver.database.conn_max_lifetime }} + {{- end }} + media_api: + {{- if .Values.dendrite.polylithEnabled }} + internal_api: + listen: 
http://0.0.0.0:7774 + connect: http://{{ include "common.names.fullname" (index $.Subcharts "mediaapi") }}:7774 + external_api: + listen: http://0.0.0.0:8074 + {{- end }} + {{- if $componentSpecificDatabaseConfig }} + database: + connection_string: {{ .Values.mediaapi.database.connection_string }} + max_open_conns: {{ default .Values.dendrite.database.max_open_conns .Values.mediaapi.database.max_open_conns }} + max_idle_conns: {{ default .Values.dendrite.database.max_idle_conns .Values.mediaapi.database.max_idle_conns }} + conn_max_lifetime: {{ default .Values.dendrite.database.conn_max_lifetime .Values.mediaapi.database.conn_max_lifetime }} + {{- end }} + base_path: {{ default "/var/dendrite/media" .Values.mediaapi.config.base_path | quote }} + max_file_size_bytes: {{ int ( default 10485760 .Values.mediaapi.config.max_file_size_bytes ) }} + dynamic_thumbnails: {{ default false .Values.mediaapi.config.dynamic_thumbnails }} + max_thumbnail_generators: {{ default 10 .Values.mediaapi.config.max_thumbnail_generators }} + thumbnail_sizes: {{- toYaml .Values.mediaapi.config.thumbnail_sizes | nindent 8 }} + mscs: + mscs: {{ .Values.dendrite.global.mscs | toYaml | nindent 8 }} + {{- if $componentSpecificDatabaseConfig }} + database: + connection_string: {{ .Values.mscs.database.connection_string }} + max_open_conns: {{ default .Values.dendrite.database.max_open_conns .Values.mscs.database.max_open_conns }} + max_idle_conns: {{ default .Values.dendrite.database.max_idle_conns .Values.mscs.database.max_idle_conns }} + conn_max_lifetime: {{ default .Values.dendrite.database.conn_max_lifetime .Values.mscs.database.conn_max_lifetime }} + {{- end }} + room_server: + {{- if .Values.dendrite.polylithEnabled }} + internal_api: + listen: http://0.0.0.0:7770 + connect: http://{{ include "common.names.fullname" (index $.Subcharts "roomserver") }}:7770 + {{- end }} + {{- if $componentSpecificDatabaseConfig }} + database: + connection_string: {{ 
.Values.roomserver.database.connection_string }} + max_open_conns: {{ default .Values.dendrite.database.max_open_conns .Values.roomserver.database.max_open_conns }} + max_idle_conns: {{ default .Values.dendrite.database.max_idle_conns .Values.roomserver.database.max_idle_conns }} + conn_max_lifetime: {{ default .Values.dendrite.database.conn_max_lifetime .Values.roomserver.database.conn_max_lifetime }} + {{- end }} + sync_api: + {{- if .Values.dendrite.polylithEnabled }} + internal_api: + listen: http://0.0.0.0:7773 + connect: http://{{ include "common.names.fullname" (index $.Subcharts "syncapi") }}:7773 + external_api: + listen: http://0.0.0.0:8073 + {{- end }} + {{- if $componentSpecificDatabaseConfig }} + database: + connection_string: {{ .Values.syncapi.database.connection_string }} + max_open_conns: {{ default .Values.dendrite.database.max_open_conns .Values.syncapi.database.max_open_conns }} + max_idle_conns: {{ default .Values.dendrite.database.max_idle_conns .Values.syncapi.database.max_idle_conns }} + conn_max_lifetime: {{ default .Values.dendrite.database.conn_max_lifetime .Values.syncapi.database.conn_max_lifetime }} + {{- end }} + user_api: + {{- if .Values.dendrite.polylithEnabled }} + internal_api: + listen: http://0.0.0.0:7781 + connect: http://{{ include "common.names.fullname" (index $.Subcharts "userapi") }}:7781 + {{- end }} + {{- if $componentSpecificDatabaseConfig }} + account_database: + connection_string: {{ .Values.userapi.database.connection_string }} + max_open_conns: {{ default .Values.dendrite.database.max_open_conns .Values.userapi.database.max_open_conns }} + max_idle_conns: {{ default .Values.dendrite.database.max_idle_conns .Values.userapi.database.max_idle_conns }} + conn_max_lifetime: {{ default .Values.dendrite.database.conn_max_lifetime .Values.userapi.database.conn_max_lifetime }} + {{- end }} + bcrypt_cost: {{ default 10 .Values.userapi.config.bcrypt_cost }} + tracing: + enabled: {{ .Values.dendrite.tracing.enabled }} + 
jaeger: {{- toYaml .Values.dendrite.tracing.jaeger | nindent 8 }} + logging: {{- toYaml .Values.dendrite.logging | nindent 6 }} diff --git a/charts/dendrite/templates/ingress.yaml b/charts/dendrite/templates/ingress.yaml new file mode 100644 index 000000000..c0930df83 --- /dev/null +++ b/charts/dendrite/templates/ingress.yaml 
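Review bot: The metrics endpoint falls back to a fixed credential in `password: {{ default "metrics" .Values.dendrite.global.metrics.basic_auth.password | quote }}`, and values.yaml in this commit ships `username: metrics` / `password: metrics`. Anyone who only flips `metrics.enabled` to true gets an endpoint guarded by a password that is published in the chart. Wrap the `basic_auth` block in `{{- if .Values.dendrite.global.metrics.enabled }}` and make the secret mandatory there, e.g. `password: {{ required "dendrite.global.metrics.basic_auth.password must be set when metrics are enabled" .Values.dendrite.global.metrics.basic_auth.password | quote }}`, with the values.yaml default changed to `""`.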
@@ -0,0 +1,57 @@ +{{- if .Values.dendrite.polylith_ingress.enabled -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ include "common.names.fullname" . }} + {{- if .Values.dendrite.polylith_ingress.annotations }} + annotations: {{ toYaml .Values.dendrite.polylith_ingress.annotations | nindent 4 }} + {{- end }} +spec: + {{- if .Values.dendrite.tls_secret.enabled }} + tls: + - hosts: + - {{ .Values.dendrite.polylith_ingress.host | quote }} + secretName: {{ .Values.dendrite.tls_secret.existingSecret }} + {{- end }} + rules: + - host: {{ .Values.dendrite.polylith_ingress.host | quote }} + http: + paths: + {{- range .Values.dendrite.polylith_ingress.syncapi_paths }} + - path: {{ . | quote }} + pathType: Exact + backend: + service: + name: {{ include "common.names.fullname" (index $.Subcharts "syncapi") }} + port: + number: {{ $.Values.syncapi.service.main.ports.external.port }} + {{- end }} + - path: /_matrix/client + pathType: Prefix + backend: + service: + name: {{ include "common.names.fullname" (index $.Subcharts "clientapi") }} + port: + number: {{ .Values.clientapi.service.main.ports.external.port }} + - path: /_matrix/federation + pathType: Prefix + backend: + service: + name: {{ include "common.names.fullname" (index $.Subcharts "federationapi") }} + port: + number: {{ .Values.federationapi.service.main.ports.external.port }} + - path: /_matrix/key + pathType: Prefix + backend: + service: + name: {{ include "common.names.fullname" (index $.Subcharts "federationapi") }} + port: + number: {{ .Values.federationapi.service.main.ports.external.port }} + - path: /_matrix/media + pathType: Prefix + backend: + service: + name: {{ include "common.names.fullname" (index $.Subcharts "mediaapi") }} + port: + number: {{ .Values.mediaapi.service.main.ports.external.port }} +{{- end -}} diff --git a/charts/dendrite/templates/matrix-key-secret.yaml b/charts/dendrite/templates/matrix-key-secret.yaml new file mode 100644 index 000000000..4dcf99c1b 
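Review bot: The sync API entries are rendered with `pathType: Exact`, but the values.yaml comments in this commit give them as regular expressions (`/_matrix/client/.*?/(sync|…)$` for nginx, `{version:.*?}` segments for Traefik). Under the Ingress API an `Exact` path is compared literally, so these rules likely never match and sync traffic falls through to the `/_matrix/client` Prefix rule, which routes to clientapi instead of syncapi. Controllers that accept regex paths generally expect `pathType: ImplementationSpecific`. Either use that here or expose it as a value next to `syncapi_paths`.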
--- /dev/null +++ b/charts/dendrite/templates/matrix-key-secret.yaml @@ -0,0 +1,9 @@ +{{- if .Values.dendrite.matrix_key_secret.create }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "dendrite.names.key" . }} +stringData: + {{ .Values.dendrite.matrix_key_secret.secretPath }}: | {{ .Values.dendrite.matrix_key_secret.keyBody | nindent 4 }} +{{- end }} diff --git a/charts/dendrite/templates/volumes.yaml b/charts/dendrite/templates/volumes.yaml new file mode 100644 index 000000000..361125341 --- /dev/null +++ b/charts/dendrite/templates/volumes.yaml @@ -0,0 +1,35 @@ +{{- define "dendrite.keyVolume" -}} +enabled: {{ .Values.dendrite.matrix_key_secret.enabled }} +type: "custom" +volumeSpec: + secret: + defaultMode: 0600 + secretName: {{ include "dendrite.names.key" . }} +subPath: + - path: {{ .Values.dendrite.matrix_key_secret.secretPath }} + mountPath: "/etc/dendrite/matrix_key.pem" +{{- end -}} +{{- define "dendrite.tlsVolume" -}} +enabled: {{ .Values.dendrite.tls_secret.enabled }} +type: "custom" +volumeSpec: + secret: + defaultMode: 0600 + secretName: {{ .Values.dendrite.tls_secret.existingSecret }} +subPath: + - path: {{ .Values.dendrite.tls_secret.crtPath }} + mountPath: "/etc/dendrite/server.crt" + - path: {{ .Values.dendrite.tls_secret.keyPath }} + mountPath: "/etc/dendrite/server.key" +{{- end -}} +{{- define "dendrite.configVolume" -}} +enabled: true +type: "custom" +volumeSpec: + secret: + defaultMode: 0600 + secretName: {{ include "common.names.fullname" . }}-config +subPath: + - path: dendrite.yaml + mountPath: "/etc/dendrite/dendrite.yaml" +{{- end -}} diff --git a/charts/dendrite/values.yaml b/charts/dendrite/values.yaml new file mode 100644 index 000000000..57f3a6a13 --- /dev/null +++ b/charts/dendrite/values.yaml 
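Review bot: With `create: true` and the default `keyBody: ""` from values.yaml, the matrix-key-secret.yaml template renders a Secret whose key entry is empty, and the mistake presumably only surfaces when the server tries to load its signing key. Fail at render time instead: `{{ required "dendrite.matrix_key_secret.keyBody is required when create is true" .Values.dendrite.matrix_key_secret.keyBody | nindent 4 }}`. A comment above `stringData` should also state that a key passed through `keyBody` is stored with the Helm release values, and that pointing `existingSecret` at a separately managed Secret avoids that.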
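Review bot: In volumes.yaml, `dendrite.keyVolume` reads `.Values.dendrite.matrix_key_secret.enabled`, but values.yaml in this commit defines only `create`, `keyBody`, `existingSecret` and `secretPath` under `matrix_key_secret`. With the shipped defaults the value is undefined, so whether the signing-key volume is mounted depends on how an unset value survives `include` and `fromYaml`, not on anything the user configured. Add `enabled: false` with a `# --` description to values.yaml, or derive the flag from `create` and `existingSecret`. The `dendrite.names.key` helper is defined outside this diff section, so how `existingSecret` is resolved cannot be checked here.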
@@ -0,0 +1,599 @@ +# +# IMPORTANT NOTE +# +# This chart inherits from our common library chart. You can check the default +# values/options here: +# https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml +# +--- +image: + # -- image repository + repository: ghcr.io/matrix-org/dendrite-monolith + # -- image tag + # @default -- chart.appVersion + tag: + # -- image pull policy + pullPolicy: IfNotPresent + +# -- If added dendrite will start a HTTP and HTTPS listener +# args: +# - "--tls-cert=server.crt" +# - "--tls-key=server.key" + +# -- Configures service settings for the chart. +# @default -- See values.yaml +service: + main: + ports: + # -- Configures the default HTTP listener for dendrite + # @default -- See values.yaml + http: + port: 8008 + # -- Configures the HTTPS listener for dendrite + # @default -- See values.yaml + https: + enabled: true + port: 8448 + protocol: HTTPS + +ingress: + # -- (Monolith Only) Enable and configure ingress settings for the chart under + # this key. + # @default -- See values.yaml + main: + enabled: false + +# -- Configure persistence settings for the chart under this key. +# @default -- See values.yaml +persistence: + media: + enabled: false + mountPath: &mediaPath /var/dendrite/media + accessMode: ReadWriteOnce + size: 5Gi + # -- Configure Jetsream persistence. This is highly recommended in production. + # @default -- See values.yaml + jetstream: + enabled: false + mountPath: /var/dendrite/jetstream + accessMode: ReadWriteOnce + size: 1Gi + +# Configure global database settings +# @default -- see values.yaml +database: + connection_string: file:dendrite?sslmode=disable + max_open_conns: 100 + max_idle_conns: 2 + conn_max_lifetime: -1 + +# -- Configure the key server. 
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) +# @default -- See values.yaml +keyserver: + image: + # -- image repository + repository: matrixdotorg/dendrite-polylith + # -- image tag + # @default -- chart.appVersion + tag: + # -- image pull policy + pullPolicy: IfNotPresent + service: + main: + ports: + http: + enabled: false + internal: + enabled: true + port: 7779 + args: "keyserver" + # -- Override general dendrite.database parameters. + # @default -- See values.yaml + database: + # -- Custom connection string + # @default -- file or derived from included postgresql deployment + connection_string: null + # -- Maximum open connections + # @default -- dendrite.database.max_open_conns + max_open_conns: null + # -- Maximum dile connections + # @default -- dendrite.database.max_idle_conns + max_idle_conns: null + # -- Maximum connection lifetime + # @default -- dendrite.database.conn_max_lifetime + conn_max_lifetime: null + +# -- Configure the app service api. +# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) +# @default -- See values.yaml +appserviceapi: + image: + # -- image repository + repository: matrixdotorg/dendrite-polylith + # -- image tag + # @default -- chart.appVersion + tag: + # -- image pull policy + pullPolicy: IfNotPresent + service: + main: + ports: + http: + enabled: false + internal: + enabled: true + port: 7777 + ingress: + + args: "appservice" + # -- Override general dendrite.database parameters. 
+ # @default -- See values.yaml + database: + # -- Custom connection string + # @default -- file or derived from included postgresql deployment + connection_string: null + # -- Maximum open connections + # @default -- dendrite.database.max_open_conns + max_open_conns: null + # -- Maximum dile connections + # @default -- dendrite.database.max_idle_conns + max_idle_conns: null + # -- Maximum connection lifetime + # @default -- dendrite.database.conn_max_lifetime + conn_max_lifetime: null + config: + config_files: [] + +# -- Configuration for the client api component. +# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) +# @default -- See values.yaml +clientapi: + image: + # -- image repository + repository: matrixdotorg/dendrite-polylith + # -- image tag + # @default -- chart.appVersion + tag: + # -- image pull policy + pullPolicy: IfNotPresent + service: + main: + ports: + http: + enabled: false + internal: + enabled: true + port: 7771 + external: + enabled: true + port: 8071 + args: "clientapi" + config: + # -- Enable or disable registration for this homeserver. + registration_disabled: true + # -- Shared secret that allows registration, despite registration_disabled. + registration_shared_secret: "" + # -- Configure captcha for registration + # @default -- See values.yaml + captcha: + enabled: false + recaptcha_public_key: "" + recaptcha_private_key: "" + recaptcha_bypass_secret: "" + recaptcha_siteverify_api: "" + # -- Configure TURN + # @default -- See values.yaml + turn: + turn_user_lifetime: "" + turn_uris: [] + turn_shared_secret: "" + turn_username: "" + turn_password: "" + # -- Configure rate limiting. 
+ # @default -- values.yaml + rate_limiting: + enabled: true + threshold: 5 + cooloff_ms: 500 + exempt_user_ids: [] + +# -- Configure the Federation API +# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) +# @default -- values.yaml +federationapi: + image: + # -- image repository + repository: matrixdotorg/dendrite-polylith + # -- image tag + # @default -- chart.appVersion + tag: + # -- image pull policy + pullPolicy: IfNotPresent + service: + main: + ports: + http: + enabled: false + internal: + enabled: true + port: 7772 + external: + enabled: true + port: 8072 + args: "federationapi" + # -- Override general dendrite.database parameters. + # @default -- See values.yaml + database: + # -- Custom connection string + # @default -- file or derived from included postgresql deployment + connection_string: null + # -- Maximum open connections + # @default -- dendrite.database.max_open_conns + max_open_conns: null + # -- Maximum dile connections + # @default -- dendrite.database.max_idle_conns + max_idle_conns: null + # -- Maximum connection lifetime + # @default -- dendrite.database.conn_max_lifetime + conn_max_lifetime: null + config: + federation-certificates: [] + send-max_retires: 16 + disable_tls_validation: false + proxy_outbound: + enabled: false + protocol: http + host: localhost + port: 8080 + key_perspectives: + - server_name: matrix.org + keys: + - key_id: ed25519:auto + public_key: Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw + - key_id: ed25519:a_RXGa + public_key: l8Hft5qXKn1vfHrg3p4+W8gELQVo8N13JkluMfmn2sQ + prefer_direct_fetch: false + +# -- Configure the User API +# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) +# @default -- values.yaml +userapi: + image: + # -- image repository + repository: matrixdotorg/dendrite-polylith + # -- image tag + # @default -- 
chart.appVersion + tag: + # -- image pull policy + pullPolicy: IfNotPresent + service: + main: + ports: + http: + enabled: false + internal: + enabled: true + port: 7781 + args: "userapi" + # -- Override general dendrite.database parameters. + # @default -- See values.yaml + database: + # -- Custom connection string + # @default -- file or derived from included postgresql deployment + connection_string: null + # -- Maximum open connections + # @default -- dendrite.database.max_open_conns + max_open_conns: null + # -- Maximum dile connections + # @default -- dendrite.database.max_idle_conns + max_idle_conns: null + # -- Maximum connection lifetime + # @default -- dendrite.database.conn_max_lifetime + conn_max_lifetime: null + config: + # -- bcrypt cost (2^[cost] = rounds) + # @default -- 10 + bcrypt_cost: 10 + +# -- Configure the Sync API +# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) +# @default -- values.yaml +syncapi: + image: + # -- image repository + repository: matrixdotorg/dendrite-polylith + # -- image tag + # @default -- chart.appVersion + tag: + # -- image pull policy + pullPolicy: IfNotPresent + service: + main: + ports: + http: + enabled: false + internal: + enabled: true + port: 7773 + external: + enabled: true + port: 8073 + args: "syncapi" + # -- Override general dendrite.database parameters. 
+ # @default -- See values.yaml + database: + # -- Custom connection string + # @default -- file or derived from included postgresql deployment + connection_string: null + # -- Maximum open connections + # @default -- dendrite.database.max_open_conns + max_open_conns: null + # -- Maximum dile connections + # @default -- dendrite.database.max_idle_conns + max_idle_conns: null + # -- Maximum connection lifetime + # @default -- dendrite.database.conn_max_lifetime + conn_max_lifetime: null + +# -- Configure the Room Server +# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) +# @default -- values.yaml +roomserver: + image: + # -- image repository + repository: matrixdotorg/dendrite-polylith + # -- image tag + # @default -- chart.appVersion + tag: + # -- image pull policy + pullPolicy: IfNotPresent + service: + main: + ports: + http: + enabled: false + internal: + enabled: true + port: 7770 + args: "roomserver" + # -- Override general dendrite.database parameters. 
+ # @default -- See values.yaml + database: + # -- Custom connection string + # @default -- file or derived from included postgresql deployment + connection_string: null + # -- Maximum open connections + # @default -- dendrite.database.max_open_conns + max_open_conns: null + # -- Maximum dile connections + # @default -- dendrite.database.max_idle_conns + max_idle_conns: null + # -- Maximum connection lifetime + # @default -- dendrite.database.conn_max_lifetime + conn_max_lifetime: null + +# -- Configure the Media API +# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) +# @default -- values.yaml +mediaapi: + image: + # -- image repository + repository: matrixdotorg/dendrite-polylith + # -- image tag + # @default -- chart.appVersion + tag: + # -- image pull policy + pullPolicy: IfNotPresent + service: + main: + ports: + http: + enabled: false + internal: + enabled: true + port: 7774 + external: + enabled: true + port: 8074 + args: "mediaapi" + # -- Override general dendrite.database parameters. 
+ # @default -- See values.yaml + database: + # -- Custom connection string + # @default -- file or derived from included postgresql deployment + connection_string: null + # -- Maximum open connections + # @default -- dendrite.database.max_open_conns + max_open_conns: null + # -- Maximum dile connections + # @default -- dendrite.database.max_idle_conns + max_idle_conns: null + # -- Maximum connection lifetime + # @default -- dendrite.database.conn_max_lifetime + conn_max_lifetime: null + config: + base_path: *mediaPath + max_file_size_bytes: 10485760 + dynamic_thumbnails: false + max_thumbnail_generators: 10 + thumbnail_sizes: + - width: 32 + height: 32 + method: crop + - width: 96 + height: 96 + method: crop + - width: 640 + height: 480 + method: scale + +# -- Configuration for experimental MSCs +# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) +# @default -- values.yaml +mscs: + # -- Override general dendrite.database parameters. + # @default -- See values.yaml + database: + # -- Custom connection string + # @default -- file or derived from included postgresql deployment + connection_string: null + # -- Maximum open connections + # @default -- dendrite.database.max_open_conns + max_open_conns: null + # -- Maximum dile connections + # @default -- dendrite.database.max_idle_conns + max_idle_conns: null + # -- Maximum connection lifetime + # @default -- dendrite.database.conn_max_lifetime + conn_max_lifetime: null + +# -- Configuration for Dendrite. 
+# For more information see [the sample +# denrite-config.yaml](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) +# @default -- See values.yaml +dendrite: + # -- Enable polylith deployment + polylithEnabled: false + # -- Usage statistics reporting configuration + report_stats: + # -- Enable or disable usage reporting + # @default -- false + enabled: false + # -- Push endpoint for usage statistics + endpoint: "" + # -- If enabled, use an existing secrets for the TLS certificate and key. + # Otherwise, to enable TLS a `server.crt` and `server.key` must be mounted at + # `/etc/dendrite`. + # @default -- See values.yaml + tls_secret: + enabled: false + existingSecret: "" + crtPath: tls.crt + keyPath: tls.key + + matrix_key_secret: + # -- Create matrix_key secret using the keyBody below. + create: false + # -- New Key Body + keyBody: "" + # -- Use an existing secret + existingSecret: "" + # -- Field in the secret to get the key from + secretPath: matrix_key.pem + + # -- Enable and configure polylith ingress as per + # https://github.com/matrix-org/dendrite/blob/main/docs/nginx/polylith-sample.conf + # @default -- See values.yaml + polylith_ingress: + enabled: false + host: "" + annotations: {} + # -- Sync API Paths are a little tricky since they require regular expressions. Therefore + # the paths will depend on the ingress controller used. See values.yaml for nginx and traefik. 
+ # @default -- See values.yaml + syncapi_paths: [] + # For Traefik uncomment these lines + # - /_matrix/client/{version:.*?}/rooms/{roomid:.*?}/messages + # - /_matrix/client/{version:.*?}/keys/changes + # - /_matrix/client/{version:.*?}/user/{userid:.*?}/filter/{filterid:.*?} + # - /_matrix/client/{version:.*?}/user/{userid:.*?}/filter + # - /_matrix/client/{version:.*?}/sync + # + # For nginx uncomment these lines and add the annotations here: + # https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#use-regex + # - /_matrix/client/.*?/(sync|user/.*?/filter/?.*|keys/changes|rooms/.*?/messages)$ + + # -- Configure the global settings for dendrite. + # @default -- See values.yaml + global: + # -- (required) Configure the server name for the dendrite instance. + server_name: localhost + # -- Configure the key_validity period + key_validity_period: 168h0m0s + # -- Congigure the in-memory caches + cache: + # -- Configure the maximum estimated cache size (not a hard limit) + max_size_estimated: "1gb" + # -- The maximum amount of time that a cache entry can live for in memory + max_age: "1h" + # -- Configure the well-known server name and optional port + well_known_server_name: "" + # -- Configure the well-known client name and optional port + well_known_client_name: "" + # -- Configure the list of domains the server will trust as identity servers + trusted_third_party_id_servers: + - matrix.org + - vector.im + # -- Disables federation + disable_federation: false + # -- Configure handling of presence events + presence: + # -- Whether inbound presence events are allowed, e.g. receiving presence events from other servers + enable_inbound: false + # -- Whether outbound presence events are allowed, e.g. sending presence events to other servers + enable_outbound: false + + # -- Server notices allows server admins to send messages to all users. 
+ server_notices: + enabled: false + # -- The server localpart to be used when sending notices, ensure this is not yet taken + local_part: "_server" + # -- The displayname to be used when sending notices + display_name: "Server alerts" + # -- The mxid of the avatar to use + avatar_url: "" + # -- The roomname to be used when creating messages + room_name: "Server Alerts" + # -- Configure prometheus metrics collection for dendrite. + # @default -- See values.yaml + metrics: + # -- If enabled, metrics collection will be enabled + # @default -- See values.yaml + enabled: false + basic_auth: + username: metrics + password: metrics + # -- Configure DNS cache. + # @default -- See values.yaml + dns_cache: + # -- If enabled, dns cache will be enabled. + # @default -- See values.yaml + enabled: false + cache_size: 256 + cache_lifetime: "5m" + # -- Configure experimental MSC's + mscs: [] + + # -- Configure opentracing. + # @default -- See values.yaml + tracing: + enabled: false + jaeger: + serviceName: "" + disabled: false + rpc_metrics: false + tags: [] + sampler: null + reporter: null + headers: null + baggage_restrictions: null + throttler: null + + # -- Configure logging. + # @default -- See values.yaml + logging: + - type: file + level: info + params: + path: /var/log/dendrite + +nats: + # -- Enable and configure NATS for dendrite. Can be disabled for monolith + # deployments - an internal NATS server will be used in its place. + # @default -- See value.yaml + enabled: false + nats: + image: nats:2.7.1-alpine + jetstream: + enabled: true
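Review bot: Several keys defined in this values.yaml do not match the names templates/dendrite-config.yaml reads, so overrides are silently ignored or rendering fails. `federationapi.config` defines `federation-certificates` and `send-max_retires` while the template reads `federation_certificates` and `send_max_retries`, and `exempt_user_ids` sits under `clientapi.config.rate_limiting` but is read from `clientapi.config.exempt_user_ids`. The shared database block is top-level `database:`, yet the polylith branches read `.Values.dendrite.database.max_open_conns` and its siblings, and `dendrite:` has no `database` map, which will likely abort rendering once `polylithEnabled` is true. Rename the two keys to `federation_certificates: []` and `send_max_retries: 16`, and bring the other two paths in line with the template.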