Update uses

Add Helm CI stuff
Merge branch 'main' into helm-chart
2022-12-05 08:38:19 +01:00 · 2022-12-05 08:23:00 +01:00 · 2022-12-05 07:27:48 +01:00 · 2022-09-29 05:19:36 +03:00 · 2022-09-28 00:29:51 +03:00 · 2022-08-22 18:01:22 +03:00
28 changed files with 2113 additions and 0 deletions
--- a/.github/actions/collect-changes/action.yaml
+++ b/.github/actions/collect-changes/action.yaml
@ -0,0 +1,45 @@
+name: "Collect changes"
+description: "Collects and stores changed files/charts"
+
+outputs:
+  changesDetected:
+    description: "Whether or not changes to charts have been detected"
+    value: ${{ steps.filter.outputs.addedOrModified }}
+  addedOrModifiedFiles:
+    description: "A list of the files changed"
+    value: ${{ steps.filter.outputs.addedOrModified_files }}
+  addedOrModifiedCharts:
+    description: "A list of the charts changed"
+    value: ${{ steps.filter-charts.outputs.addedOrModified }}
+
+runs:
+  using: "composite"
+  steps:
+    - name: Collect changed files
+      uses: dorny/paths-filter@v2
+      id: filter
+      with:
+        list-files: shell
+        filters: |
+          addedOrModified:
+            - added|modified: 'charts/*/**'
+
+    - name: Collect changed charts
+      if: |
+        steps.filter.outputs.addedOrModified == 'true'
+      id: filter-charts
+      shell: bash
+      run: |
+        CHARTS=()
+        PATHS=(${{ steps.filter.outputs.addedOrModified_files }})
+        # Get only the chart paths
+        for CHARTPATH in "${PATHS[@]}"
+        do
+          IFS='/' read -r -a path_parts <<< "${CHARTPATH}"
+          CHARTS+=("${path_parts[1]}/${path_parts[2]}")
+        done
+
+        # Remove duplicates
+        CHARTS=( `printf "%s\n" "${CHARTS[@]}" | sort -u` )
+        # Set output to changed charts
+        printf "::set-output name=addedOrModified::%s\n" "${CHARTS[*]}"
--- a/.github/scripts/check-releasenotes.sh
+++ b/.github/scripts/check-releasenotes.sh
@ -0,0 +1,49 @@
+#!/usr/bin/env bash
+
+set -e
+
+# Check if release notes have been changed
+# Usage ./check-releasenotes.sh path
+
+# require yq
+command -v yq >/dev/null 2>&1 || {
+    printf >&2 "%s\n" "yq (https://github.com/mikefarah/yq) is not installed. Aborting."
+    exit 1
+}
+
+# Absolute path of repository
+repository=$(git rev-parse --show-toplevel)
+
+# Allow for a specific chart to be passed in as a argument
+if [ $# -ge 1 ] && [ -n "$1" ]; then
+    root="$1"
+    chart_file="${1}/Chart.yaml"
+    if [ ! -f "$chart_file" ]; then
+        printf >&2 "File %s\n does not exist.\n" "${chart_file}"
+        exit 1
+    fi
+
+    cd $root
+
+    if [ -z "$DEFAULT_BRANCH" ]; then
+      DEFAULT_BRANCH=$(git remote show origin | awk '/HEAD branch/ {print $NF}')
+    fi
+
+    CURRENT=$(cat Chart.yaml | yq e '.annotations."artifacthub.io/changes"' -P -)
+
+    if [ "$CURRENT" == "" ] || [ "$CURRENT" == "null" ]; then
+      printf >&2 "Changelog annotation has not been set in %s!\n" "$chart_file"
+      exit 1
+    fi
+
+    DEFAULT_BRANCH=$(git remote show origin | awk '/HEAD branch/ {print $NF}')
+    ORIGINAL=$(git show origin/$DEFAULT_BRANCH:./Chart.yaml | yq e '.annotations."artifacthub.io/changes"' -P -)
+
+    if [ "$CURRENT" == "$ORIGINAL" ]; then
+      printf >&2 "Changelog annotation has not been updated in %s!\n" "$chart_file"
+      exit 1
+    fi
+else
+    printf >&2 "%s\n" "No chart folder has been specified."
+    exit 1
+fi
--- a/.github/scripts/gen-helm-docs.sh
+++ b/.github/scripts/gen-helm-docs.sh
@ -0,0 +1,47 @@
+#!/usr/bin/env bash
+set -eu
+
+# Generate helm-docs for Helm charts
+# Usage ./gen-helm-docs.sh [stable/incubator] [chart]
+
+# require helm-docs
+command -v helm-docs >/dev/null 2>&1 || {
+    echo >&2 "helm-docs (https://github.com/k8s-at-home/helm-docs) is not installed. Aborting."
+    exit 1
+}
+
+# Absolute path of repository
+repository=$(git rev-parse --show-toplevel)
+
+# Templates to copy into each chart directory
+readme_template="${repository}/hack/templates/README.md.gotmpl"
+readme_config_template="${repository}/hack/templates/README_CONFIG.md.gotmpl"
+
+# Gather all charts using the common library, excluding common-test
+charts=$(find "${repository}" -name "Chart.yaml")
+
+# Allow for a specific chart to be passed in as a argument
+if [ $# -ge 1 ] && [ -n "$1" ] && [ -n "$2" ]; then
+    charts="${repository}/charts/$1/$2/Chart.yaml"
+    root="$(dirname "${charts}")"
+    if [ ! -f "$charts" ]; then
+        echo "File ${charts} does not exist."
+        exit 1
+    fi
+else
+    root="${repository}/charts/stable"
+fi
+
+for chart in ${charts}; do
+    chart_directory="$(dirname "${chart}")"
+    echo "-] Copying templates to ${chart_directory}"
+    # Copy CONFIG template to each Chart directory, do not overwrite if exists
+    cp -n "${readme_config_template}" "${chart_directory}" || true
+done
+
+# Run helm-docs for charts using the common library and the common library itself
+helm-docs \
+    --ignore-file="${repository}/.helmdocsignore" \
+    --template-files="${readme_template}" \
+    --template-files="$(basename "${readme_config_template}")" \
+    --chart-search-root="${root}"
--- a/.github/scripts/renovate-releasenotes.py
+++ b/.github/scripts/renovate-releasenotes.py
@ -0,0 +1,153 @@
+#!/usr/bin/env python
+
+import os
+import sys
+import typer
+
+from git import Repo
+from loguru import logger
+from pathlib import Path
+
+from ruamel.yaml import YAML
+from ruamel.yaml.comments import CommentedMap
+from ruamel.yaml.scalarstring import LiteralScalarString
+from typing import List
+
+app = typer.Typer(add_completion=False)
+
+
+def _setup_logging(debug):
+    """
+    Setup the log formatter for this script
+    """
+
+    log_level = "INFO"
+    if debug:
+        log_level = "DEBUG"
+
+    logger.remove()
+    logger.add(
+        sys.stdout,
+        colorize=True,
+        format="<level>{message}</level>",
+        level=log_level,
+    )
+
+
+@app.command()
+def main(
+    chart_folders: List[Path] = typer.Argument(
+        ..., help="Folders containing the chart to process"),
+    check_branch: str = typer.Option(
+        None, help="The branch to compare against."),
+    chart_base_folder: Path = typer.Option(
+        "charts", help="The base folder where the charts reside."),
+    debug: bool = False,
+):
+    _setup_logging(debug)
+
+    git_repository = Repo(search_parent_directories=True)
+
+    if check_branch:
+        logger.info(f"Trying to find branch {check_branch}...")
+        branch = next(
+            (ref for ref in git_repository.remotes.origin.refs if ref.name == check_branch),
+            None
+        )
+    else:
+        logger.info(f"Trying to determine default branch...")
+        branch = next(
+            (ref for ref in git_repository.remotes.origin.refs if ref.name == "origin/HEAD"),
+            None
+        )
+
+    if not branch:
+        logger.error(
+            f"Could not find branch {check_branch} to compare against.")
+        raise typer.Exit(1)
+
+    logger.info(f"Comparing against branch {branch}")
+
+    for chart_folder in chart_folders:
+        chart_folder = chart_base_folder.joinpath(chart_folder)
+        if not chart_folder.is_dir():
+            logger.error(f"Could not find folder {str(chart_folder)}")
+            raise typer.Exit(1)
+
+        chart_metadata_file = chart_folder.joinpath('Chart.yaml')
+
+        if not chart_metadata_file.is_file():
+            logger.error(f"Could not find file {str(chart_metadata_file)}")
+            raise typer.Exit(1)
+
+        logger.info(f"Updating changelog annotation for chart {chart_folder}")
+
+        yaml = YAML(typ=['rt', 'string'])
+        yaml.indent(mapping=2, sequence=4, offset=2)
+        yaml.explicit_start = True
+        yaml.preserve_quotes = True
+        yaml.width = 4096
+
+        old_chart_metadata = yaml.load(
+            git_repository.git.show(f"{branch}:{chart_metadata_file}")
+        )
+        new_chart_metadata = yaml.load(chart_metadata_file.read_text())
+
+        try:
+            old_chart_dependencies = old_chart_metadata["dependencies"]
+        except KeyError:
+            old_chart_dependencies = []
+
+        try:
+            new_chart_dependencies = new_chart_metadata["dependencies"]
+        except KeyError:
+            new_chart_dependencies = []
+
+        annotations = []
+        for dependency in new_chart_dependencies:
+            old_dep = None
+            if "alias" in dependency.keys():
+                old_dep = next(
+                    (old_dep for old_dep in old_chart_dependencies if "alias" in old_dep.keys(
+                    ) and old_dep["alias"] == dependency["alias"]),
+                    None
+                )
+            else:
+                old_dep = next(
+                    (old_dep for old_dep in old_chart_dependencies if old_dep["name"] == dependency["name"]),
+                    None
+                )
+
+            add_annotation = False
+            if old_dep:
+                if dependency["version"] != old_dep["version"]:
+                    add_annotation = True
+            else:
+                add_annotation = True
+
+            if add_annotation:
+                if "alias" in dependency.keys():
+                    annotations.append({
+                        "kind": "changed",
+                        "description": f"Upgraded `{dependency['name']}` chart dependency to version {dependency['version']} for alias '{dependency['alias']}'"
+                    })
+                else:
+                    annotations.append({
+                        "kind": "changed",
+                        "description": f"Upgraded `{dependency['name']}` chart dependency to version {dependency['version']}"
+                    })
+
+        if annotations:
+            annotations = YAML(typ=['rt', 'string']
+                               ).dump_to_string(annotations)
+
+            if not "annotations" in new_chart_metadata:
+                new_chart_metadata["annotations"] = CommentedMap()
+
+            new_chart_metadata["annotations"]["artifacthub.io/changes"] = LiteralScalarString(
+                annotations)
+            yaml.dump(new_chart_metadata, chart_metadata_file)
+
+
+if __name__ == "__main__":
+    app()
--- a/.github/scripts/requirements.txt
+++ b/.github/scripts/requirements.txt
@ -0,0 +1,5 @@
+GitPython==3.1.27
+loguru==0.6.0
+ruamel.yaml==0.17.21
+ruamel.yaml.string==0.1.0
+typer==0.6.1
--- a/.github/workflows/dendrite.yml
+++ b/.github/workflows/dendrite.yml
@ -2,12 +2,20 @@ name: Dendrite

 on:
  push:
+    paths-ignore:
+      - 'charts/**' # ignore helm chart changes
    branches:
      - main
  pull_request:
+    paths-ignore:
+      - 'charts/**' # ignore helm chart changes
  release:
+    paths-ignore:
+      - 'charts/**' # ignore helm chart changes
    types: [published]
  workflow_dispatch:
+    paths-ignore:
+      - 'charts/**' # ignore helm chart changes

 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@ -4,6 +4,8 @@ name: "Docker"

 on:
  release: # A GitHub release was published
+    paths-ignore:
+      - 'charts/**' # ignore helm chart changes
    types: [published]
  workflow_dispatch: # A build was manually requested
  workflow_call: # Another pipeline called us
--- a/.github/workflows/helm-charts-changelog.yaml
+++ b/.github/workflows/helm-charts-changelog.yaml
@ -0,0 +1,81 @@
+name: "Charts: Update README"
+
+on:
+  workflow_call:
+    inputs:
+      modifiedCharts:
+        required: true
+        type: string
+      isRenovatePR:
+        required: true
+        type: string
+    outputs:
+      commitHash:
+        description: "The most recent commit hash at the end of this workflow"
+        value: ${{ jobs.generate-changelog.outputs.commitHash }}
+
+jobs:
+  validate-changelog:
+    name: Validate changelog
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Check changelog annotations
+        if: inputs.isRenovatePR != 'true'
+        run: |
+          CHARTS=(${{ inputs.modifiedCharts }})
+          for i in "${CHARTS[@]}"
+          do
+              IFS='/' read -r -a chart_parts <<< "$i"
+              ./.github/scripts/check-releasenotes.sh "charts/${chart_parts[0]}/${chart_parts[1]}"
+              echo ""
+          done
+
+  generate-changelog:
+    name: Generate changelog annotations
+    runs-on: ubuntu-latest
+    needs:
+      - validate-changelog
+    outputs:
+      commitHash: ${{ steps.save-commit-hash.outputs.commit_hash }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Setup Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: "3.10"
+
+      - name: Annotate Charts.yaml for Renovate PR's
+        if: inputs.isRenovatePR == 'true'
+        env:
+          CHECK_BRANCH: "origin/${{ github.event.repository.default_branch }}"
+        run: |
+          pip install -r ./.github/scripts/requirements.txt
+          ./.github/scripts/renovate-releasenotes.py --check-branch "$CHECK_BRANCH" ${{ inputs.modifiedCharts }}
+
+      - name: Create commit
+        id: create-commit
+        if: inputs.isRenovatePR == 'true'
+        uses: stefanzweifel/git-auto-commit-action@v4
+        with:
+          file_pattern: charts/**/
+          commit_message: "chore: Auto-update chart metadata"
+          commit_user_name: ${{ github.actor }}
+          commit_user_email: ${{ github.actor }}@users.noreply.github.com
+
+      - name: Save commit hash
+        id: save-commit-hash
+        run: |
+          if [ "${{ steps.create-commit.outputs.changes_detected || 'unknown' }}" == "true" ]; then
+            echo '::set-output name=commit_hash::${{ steps.create-commit.outputs.commit_hash }}'
+          else
+            echo "::set-output name=commit_hash::${GITHUB_SHA}"
+          fi
--- a/.github/workflows/helm-charts-lint.yaml
+++ b/.github/workflows/helm-charts-lint.yaml
@ -0,0 +1,54 @@
+name: "Charts: Lint"
+
+on:
+  workflow_call:
+    inputs:
+      checkoutCommit:
+        required: true
+        type: string
+      chartChangesDetected:
+        required: true
+        type: string
+
+jobs:
+  lint:
+    name: Lint charts
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+          ref: ${{ inputs.checkoutCommit }}
+
+      - name: Install Kubernetes tools
+        uses: yokawasa/action-setup-kube-tools@v0.8.2
+        with:
+          setup-tools: |
+            helmv3
+          helm: "3.8.0"
+
+      - uses: actions/setup-python@v4
+        with:
+          python-version: "3.10"
+
+      - name: Set up chart-testing
+        uses: helm/chart-testing-action@v2.3.0
+
+      - name: Collect changes
+        id: list-changed
+        if: inputs.chartChangesDetected == 'true'
+        run: |
+          EXCLUDED=$(yq eval -o=json '.excluded-charts // []' .github/ct-lint.yaml)
+          CHARTS=$(ct list-changed --config .github/ct-lint.yaml)
+          CHARTS_JSON=$(echo "${CHARTS}" | jq -R -s -c 'split("\n")[:-1]')
+          OUTPUT_JSON=$(echo "{\"excluded\": ${EXCLUDED}, \"all\": ${CHARTS_JSON}}" | jq -c '.all-.excluded')
+          echo ::set-output name=charts::${OUTPUT_JSON}
+          if [[ $(echo ${OUTPUT_JSON} | jq -c '. | length') -gt 0 ]]; then
+            echo "::set-output name=detected::true"
+          fi
+
+      - name: Run chart-testing (lint)
+        id: lint
+        if: steps.list-changed.outputs.detected == 'true'
+        run: ct lint --config .github/ct-lint.yaml
--- a/.github/workflows/helm-charts-test.yaml
+++ b/.github/workflows/helm-charts-test.yaml
@ -0,0 +1,134 @@
+name: "Charts: Test"
+
+on:
+  workflow_call:
+    inputs:
+      checkoutCommit:
+        required: true
+        type: string
+      chartChangesDetected:
+        required: true
+        type: string
+
+jobs:
+  unit-test:
+    name: Run unit tests
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+          ref: ${{ inputs.checkoutCommit }}
+
+      - name: Install Kubernetes tools
+        uses: yokawasa/action-setup-kube-tools@v0.8.2
+        with:
+          setup-tools: |
+            helmv3
+          helm: "3.8.0"
+
+      - name: Install Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 2.7
+
+      - name: Install dependencies
+        env:
+          RUBYJQ_USE_SYSTEM_LIBRARIES: 1
+        run: |
+          sudo apt-get update
+          sudo apt-get install libjq-dev
+          bundle install
+
+      - name: Run tests
+        run: |
+          bundle exec m -r ./test/
+
+  generate-install-matrix:
+    name: Generate matrix for install
+    runs-on: ubuntu-latest
+    outputs:
+      matrix: |
+        {
+          "chart": ${{ steps.list-changed.outputs.charts }}
+        }
+      detected: ${{ steps.list-changed.outputs.detected }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+          ref: ${{ inputs.checkoutCommit }}
+
+      - name: Set up chart-testing
+        uses: helm/chart-testing-action@v2.3.0
+
+      - name: Run chart-testing (list-changed)
+        id: list-changed
+        if: inputs.chartChangesDetected == 'true'
+        run: |
+          EXCLUDED=$(yq eval -o=json '.excluded-charts // []' .github/ct-install.yaml)
+          CHARTS=$(ct list-changed --config .github/ct-install.yaml)
+          CHARTS_JSON=$(echo "${CHARTS}" | jq -R -s -c 'split("\n")[:-1]')
+          OUTPUT_JSON=$(echo "{\"excluded\": ${EXCLUDED}, \"all\": ${CHARTS_JSON}}" | jq -c '.all-.excluded')
+          echo ::set-output name=charts::${OUTPUT_JSON}
+          if [[ $(echo ${OUTPUT_JSON} | jq -c '. | length') -gt 0 ]]; then
+            echo "::set-output name=detected::true"
+          fi
+
+  install-charts:
+    needs:
+      - generate-install-matrix
+    if: needs.generate-install-matrix.outputs.detected == 'true'
+    name: Install charts
+    strategy:
+      matrix: ${{ fromJson(needs.generate-install-matrix.outputs.matrix) }}
+      fail-fast: false
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+          ref: ${{ inputs.checkoutCommit }}
+
+      - name: Install Kubernetes tools
+        uses: yokawasa/action-setup-kube-tools@v0.8.2
+        with:
+          setup-tools: |
+            helmv3
+          helm: "3.6.3"
+
+      - uses: actions/setup-python@v4
+        with:
+          python-version: "3.10"
+
+      - name: Set up chart-testing
+        uses: helm/chart-testing-action@v2.3.0
+
+      - name: Create k3d cluster
+        uses: nolar/setup-k3d-k3s@v1
+        with:
+          version: v1.19
+
+      - name: Remove node taints
+        run: |
+          kubectl taint --all=true nodes node.cloudprovider.kubernetes.io/uninitialized- || true
+
+      - name: Run chart-testing (install)
+        run: ct install --config .github/ct-install.yaml --charts ${{ matrix.chart }}
+
+  # Summarize matrix https://github.community/t/status-check-for-a-matrix-jobs/127354/7
+  install_success:
+    needs:
+      - generate-install-matrix
+      - install-charts
+    if: |
+      always()
+    name: Install successful
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check install matrix status
+        if: ${{ (needs.generate-install-matrix.outputs.detected == 'true') && (needs.install-charts.result != 'success') }}
+        run: exit 1
--- a/.github/workflows/helm-pr-metadata.yaml
+++ b/.github/workflows/helm-pr-metadata.yaml
@ -0,0 +1,60 @@
+name: "Pull Request: Get metadata"
+
+on:
+  workflow_call:
+    outputs:
+      isRenovatePR:
+        description: "Is the PR coming from Renovate?"
+        value: ${{ jobs.pr-metadata.outputs.isRenovatePR }}
+      isFork:
+        description: "Is the PR coming from a forked repo?"
+        value: ${{ jobs.pr-metadata.outputs.isFork }}
+      addedOrModified:
+        description: "Does the PR contain any changes?"
+        value: ${{ jobs.pr-changes.outputs.addedOrModified }}
+      addedOrModifiedFiles:
+        description: "A list of the files changed in this PR"
+        value: ${{ jobs.pr-changes.outputs.addedOrModifiedFiles }}
+      addedOrModifiedCharts:
+        description: "A list of the charts changed in this PR"
+        value: ${{ jobs.pr-changes.outputs.addedOrModifiedCharts }}
+
+jobs:
+  pr-metadata:
+    name: Collect PR metadata
+    runs-on: ubuntu-latest
+    outputs:
+      isRenovatePR: ${{ startsWith(steps.branch-name.outputs.current_branch, 'renovate/') }}
+      isFork: ${{ github.event.pull_request.head.repo.full_name != github.repository }}
+    steps:
+      - name: Get branch name
+        id: branch-name
+        uses: tj-actions/branch-names@v5.4
+
+      - name: Save PR data to file
+        env:
+          PR_NUMBER: ${{ github.event.number }}
+        run: |
+          echo $PR_NUMBER > pr_number.txt
+
+      - name: Store pr data in artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: pr_metadata
+          path: ./pr_number.txt
+          retention-days: 5
+
+  pr-changes:
+    name: Collect PR changes
+    runs-on: ubuntu-latest
+    outputs:
+      addedOrModified: ${{ steps.collect-changes.outputs.changesDetected }}
+      addedOrModifiedFiles: ${{ steps.collect-changes.outputs.addedOrModifiedFiles }}
+      addedOrModifiedCharts: ${{ steps.collect-changes.outputs.addedOrModifiedCharts }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Collect changes
+        id: collect-changes
+        uses: ./.github/actions/collect-changes
--- a/.github/workflows/helm-pre-commit-check.yaml
+++ b/.github/workflows/helm-pre-commit-check.yaml
@ -0,0 +1,21 @@
+name: "Pre-commit consistency check"
+
+on:
+  workflow_call:
+    inputs:
+      modifiedFiles:
+        required: true
+        type: string
+
+jobs:
+  pre-commit-check:
+    name: Run pre-commit checks
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Run against changes
+        uses: pre-commit/action@v3.0.0
+        with:
+          extra_args: --files ${{ inputs.modifiedFiles }}
--- a/.github/workflows/helm.yml
+++ b/.github/workflows/helm.yml
@ -0,0 +1,56 @@
+name: "Pull Request: Validate"
+
+on:
+  pull_request:
+    paths:
+      - 'charts/**' # only execute if we have helm chart changes
+    branches:
+      - main
+    types:
+      - opened
+      - edited
+      - reopened
+      - ready_for_review
+      - synchronize
+
+concurrency:
+  group: ${{ github.head_ref }}-pr-validate
+  cancel-in-progress: true
+
+jobs:
+  pr-metadata:
+    uses: S7evinK/dendrite/.github/workflows/helm-pr-metadata.yaml@main
+
+  pre-commit-check:
+    uses: S7evinK/dendrite/.github/workflows/helm-pre-commit-check.yaml@main
+    needs:
+      - pr-metadata
+    with:
+      modifiedFiles: ${{ needs.pr-metadata.outputs.addedOrModifiedFiles }}
+
+  charts-changelog:
+    uses: S7evinK/dendrite/.github/workflows/helm-charts-changelog.yaml@main
+    needs:
+      - pr-metadata
+      - pre-commit-check
+    with:
+      isRenovatePR: ${{ needs.pr-metadata.outputs.isRenovatePR }}
+      modifiedCharts: ${{ needs.pr-metadata.outputs.addedOrModifiedCharts }}
+
+  charts-lint:
+    uses: S7evinK/dendrite/.github/workflows/helm-charts-lint.yaml@main
+    needs:
+      - pr-metadata
+      - charts-changelog
+    with:
+      checkoutCommit: ${{ needs.charts-changelog.outputs.commitHash }}
+      chartChangesDetected: ${{ needs.pr-metadata.outputs.addedOrModified }}
+
+  charts-test:
+    uses: S7evinK/dendrite/.github/workflows/helm-charts-test.yaml@main
+    needs:
+      - pr-metadata
+      - charts-changelog
+    with:
+      checkoutCommit: ${{ needs.charts-changelog.outputs.commitHash }}
+      chartChangesDetected: ${{ needs.pr-metadata.outputs.addedOrModified }}
--- a/charts/dendrite/Chart.yaml
+++ b/charts/dendrite/Chart.yaml
@ -0,0 +1,81 @@
+---
+apiVersion: v2
+appVersion: v0.9.4
+description: Dendrite Matrix Homeserver
+name: dendrite
+version: 7.1.2
+kubeVersion: ">=1.19.0-0"
+keywords:
+  - dendrite
+  - matrix
+  - homeserver
+  - monolith
+  - federation
+  - polylith
+home: https://github.com/samipsolutions/helm-charts/tree/master/charts/stable/dendrite
+maintainers:
+  - name: Skyler Mäntysaari
+    url: https://github.com/samip5
+sources:
+  - https://github.com/matrix-org/dendrite
+  - https://github.com/matrix-org/dendrite/tree/master/build/docker
+dependencies:
+  - name: common
+    repository: https://bjw-s.github.io/helm-charts/
+    version: 0.1.0
+  - name: nats
+    version: 0.17.5
+    repository: https://nats-io.github.io/k8s/helm/charts/
+    condition: nats.enabled
+  # Client API
+  - name: common
+    repository: https://bjw-s.github.io/helm-charts/
+    version: 0.1.0
+    alias: clientapi
+    condition: dendrite.polylithEnabled
+  # Media API
+  - name: common
+    repository: https://bjw-s.github.io/helm-charts/
+    version: 0.1.0
+    alias: mediaapi
+    condition: dendrite.polylithEnabled
+  # Sync API
+  - name: common
+    repository: https://bjw-s.github.io/helm-charts/
+    version: 0.1.0
+    alias: syncapi
+    condition: dendrite.polylithEnabled
+  # Room Server
+  - name: common
+    repository: https://bjw-s.github.io/helm-charts/
+    version: 0.1.0
+    alias: roomserver
+    condition: dendrite.polylithEnabled
+  # Federation API
+  - name: common
+    repository: https://bjw-s.github.io/helm-charts/
+    version: 0.1.0
+    alias: federationapi
+    condition: dendrite.polylithEnabled
+  # Key Server
+  - name: common
+    repository: https://bjw-s.github.io/helm-charts/
+    version: 0.1.0
+    alias: keyserver
+    condition: dendrite.polylithEnabled
+  # User API
+  - name: common
+    repository: https://bjw-s.github.io/helm-charts/
+    version: 0.1.0
+    alias: userapi
+    condition: dendrite.polylithEnabled
+  # App Service API
+  - name: common
+    repository: https://bjw-s.github.io/helm-charts/
+    version: 0.1.0
+    alias: appserviceapi
+    condition: dendrite.polylithEnabled
+annotations:
+  artifacthub.io/changes: |-
+    - kind: changed
+      description: Upgrade nats chart dep.
--- a/charts/dendrite/README.md
+++ b/charts/dendrite/README.md
@ -0,0 +1,257 @@
+# dendrite
+
+![Version: 7.1.1](https://img.shields.io/badge/Version-7.1.1-informational?style=flat-square) ![AppVersion: v0.9.4](https://img.shields.io/badge/AppVersion-v0.9.4-informational?style=flat-square)
+
+Dendrite Matrix Homeserver
+
+**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/samipsolutions/helm-charts/issues/new/choose)**
+
+## Source Code
+
+* <https://github.com/matrix-org/dendrite>
+* <https://github.com/matrix-org/dendrite/tree/master/build/docker>
+
+## Requirements
+
+Kubernetes: `>=1.19.0-0`
+
+## Dependencies
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://bjw-s.github.io/helm-charts/ | common | 0.1.0 |
+| https://bjw-s.github.io/helm-charts/ | keyserver(common) | 0.1.0 |
+| https://bjw-s.github.io/helm-charts/ | clientapi(common) | 0.1.0 |
+| https://bjw-s.github.io/helm-charts/ | mediaapi(common) | 0.1.0 |
+| https://bjw-s.github.io/helm-charts/ | syncapi(common) | 0.1.0 |
+| https://bjw-s.github.io/helm-charts/ | roomserver(common) | 0.1.0 |
+| https://bjw-s.github.io/helm-charts/ | federationapi(common) | 0.1.0 |
+| https://bjw-s.github.io/helm-charts/ | userapi(common) | 0.1.0 |
+| https://bjw-s.github.io/helm-charts/ | appserviceapi(common) | 0.1.0 |
+| https://nats-io.github.io/k8s/helm/charts/ | nats | 0.17.1 |
+
+## TL;DR
+
+```console
+helm repo add samipsolutions https://helm.samipsolutions.fi/
+helm repo update
+helm install dendrite samipsolutions/dendrite
+```
+
+## Installing the Chart
+
+To install the chart with the release name `dendrite`
+
+```console
+helm install dendrite samipsolutions/dendrite
+```
+
+## Uninstalling the Chart
+
+To uninstall the `dendrite` deployment
+
+```console
+helm uninstall dendrite
+```
+
+The command removes all the Kubernetes components associated with the chart **including persistent volumes** and deletes the release.
+
+## Configuration
+
+Read through the [values.yaml](./values.yaml) file. It has several commented out suggested values.
+Other values may be used from the [values.yaml](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml) from the [common library](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common).
+
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
+
+```console
+helm install dendrite \
+  --set env.TZ="America/New York" \
+    samipsolutions/dendrite
+```
+
+Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart.
+
+```console
+helm install dendrite samipsolutions/dendrite -f values.yaml
+```
+
+## Custom configuration
+
+### Polylith Ingress
+
+Due to the complexity of setting up ingress for each individual component it
+is left up to the individual to add the necessary ingress fields to polylith deployments.
+
+For more information see:
+- https://github.com/matrix-org/dendrite/blob/master/docs/INSTALL.md#nginx-or-other-reverse-proxy
+- and https://github.com/matrix-org/dendrite/blob/master/docs/nginx/polylith-sample.conf
+
+## Values
+
+**Important**: When deploying an application Helm chart you can add more values from our common library chart [here](https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common)
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| appserviceapi | object | See values.yaml | Configure the app service api. For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) |
+| appserviceapi.database | object | See values.yaml | Override general dendrite.database parameters. |
+| appserviceapi.database.conn_max_lifetime | string | dendrite.database.conn_max_lifetime | Maximum connection lifetime |
+| appserviceapi.database.connection_string | string | file or derived from included postgresql deployment | Custom connection string |
+| appserviceapi.database.max_idle_conns | string | dendrite.database.max_idle_conns | Maximum dile connections |
+| appserviceapi.database.max_open_conns | string | dendrite.database.max_open_conns | Maximum open connections |
+| appserviceapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| appserviceapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
+| appserviceapi.image.tag | string | chart.appVersion | image tag |
+| clientapi | object | See values.yaml | Configuration for the client api component. For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) |
+| clientapi.config.captcha | object | See values.yaml | Configure captcha for registration |
+| clientapi.config.rate_limiting | object | values.yaml | Configure rate limiting. |
+| clientapi.config.registration_disabled | bool | `true` | Enable or disable registration for this homeserver. |
+| clientapi.config.registration_shared_secret | string | `""` | Shared secret that allows registration, despite registration_disabled. |
+| clientapi.config.turn | object | See values.yaml | Configure TURN |
+| clientapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| clientapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
+| clientapi.image.tag | string | chart.appVersion | image tag |
+| database.conn_max_lifetime | int | `-1` |  |
+| database.connection_string | string | `"file:dendrite?sslmode=disable"` |  |
+| database.max_idle_conns | int | `2` |  |
+| database.max_open_conns | int | `100` |  |
+| dendrite | object | See values.yaml | Configuration for Dendrite. For more information see [the sample denrite-config.yaml](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) |
+| dendrite.global | object | See values.yaml | Configure the global settings for dendrite. |
+| dendrite.global.cache | object | `{"max_age":"1h","max_size_estimated":"1gb"}` | Congigure the in-memory caches |
+| dendrite.global.cache.max_age | string | `"1h"` | The maximum amount of time that a cache entry can live for in memory |
+| dendrite.global.cache.max_size_estimated | string | `"1gb"` | Configure the maximum estimated cache size (not a hard limit) |
+| dendrite.global.disable_federation | bool | `false` | Disables federation |
+| dendrite.global.dns_cache | object | See values.yaml | Configure DNS cache. |
+| dendrite.global.dns_cache.enabled | bool | See values.yaml | If enabled, dns cache will be enabled. |
+| dendrite.global.key_validity_period | string | `"168h0m0s"` | Configure the key_validity period |
+| dendrite.global.metrics | object | See values.yaml | Configure prometheus metrics collection for dendrite. |
+| dendrite.global.metrics.enabled | bool | See values.yaml | If enabled, metrics collection will be enabled |
+| dendrite.global.mscs | list | `[]` | Configure experimental MSC's |
+| dendrite.global.presence | object | `{"enable_inbound":false,"enable_outbound":false}` | Configure handling of presence events |
+| dendrite.global.presence.enable_inbound | bool | `false` | Whether inbound presence events are allowed, e.g. receiving presence events from other servers |
+| dendrite.global.presence.enable_outbound | bool | `false` | Whether outbound presence events are allowed, e.g. sending presence events to other servers |
+| dendrite.global.server_name | string | `"localhost"` | (required) Configure the server name for the dendrite instance. |
+| dendrite.global.server_notices | object | `{"avatar_url":"","display_name":"Server alerts","enabled":false,"local_part":"_server","room_name":"Server Alerts"}` | Server notices allows server admins to send messages to all users. |
+| dendrite.global.server_notices.avatar_url | string | `""` | The mxid of the avatar to use |
+| dendrite.global.server_notices.display_name | string | `"Server alerts"` | The displayname to be used when sending notices |
+| dendrite.global.server_notices.local_part | string | `"_server"` | The server localpart to be used when sending notices, ensure this is not yet taken |
+| dendrite.global.server_notices.room_name | string | `"Server Alerts"` | The roomname to be used when creating messages |
+| dendrite.global.trusted_third_party_id_servers | list | `["matrix.org","vector.im"]` | Configure the list of domains the server will trust as identity servers |
+| dendrite.global.well_known_client_name | string | `""` | Configure the well-known client name and optional port |
+| dendrite.global.well_known_server_name | string | `""` | Configure the well-known server name and optional port |
+| dendrite.logging | list | See values.yaml | Configure logging. |
+| dendrite.matrix_key_secret.create | bool | `false` | Create matrix_key secret using the keyBody below. |
+| dendrite.matrix_key_secret.existingSecret | string | `""` | Use an existing secret |
+| dendrite.matrix_key_secret.keyBody | string | `""` | New Key Body |
+| dendrite.matrix_key_secret.secretPath | string | `"matrix_key.pem"` | Field in the secret to get the key from |
+| dendrite.polylithEnabled | bool | `false` | Enable polylith deployment |
+| dendrite.polylith_ingress | object | See values.yaml | Enable and configure polylith ingress as per https://github.com/matrix-org/dendrite/blob/main/docs/nginx/polylith-sample.conf |
+| dendrite.polylith_ingress.syncapi_paths | list | See values.yaml | Sync API Paths are a little tricky since they require regular expressions. Therefore the paths will depend on the ingress controller used. See values.yaml for nginx and traefik. |
+| dendrite.report_stats | object | `{"enabled":false,"endpoint":""}` | Usage statistics reporting configuration |
+| dendrite.report_stats.enabled | bool | false | Enable or disable usage reporting |
+| dendrite.report_stats.endpoint | string | `""` | Push endpoint for usage statistics |
+| dendrite.tls_secret | object | See values.yaml | If enabled, use an existing secrets for the TLS certificate and key. Otherwise, to enable TLS a `server.crt` and `server.key` must be mounted at `/etc/dendrite`. |
+| dendrite.tracing | object | See values.yaml | Configure opentracing. |
+| federationapi | object | values.yaml | Configure the Federation API For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) |
+| federationapi.database | object | See values.yaml | Override general dendrite.database parameters. |
+| federationapi.database.conn_max_lifetime | string | dendrite.database.conn_max_lifetime | Maximum connection lifetime |
+| federationapi.database.connection_string | string | file or derived from included postgresql deployment | Custom connection string |
+| federationapi.database.max_idle_conns | string | dendrite.database.max_idle_conns | Maximum dile connections |
+| federationapi.database.max_open_conns | string | dendrite.database.max_open_conns | Maximum open connections |
+| federationapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| federationapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
+| federationapi.image.tag | string | chart.appVersion | image tag |
+| image | object | `{"pullPolicy":"IfNotPresent","repository":"ghcr.io/matrix-org/dendrite-monolith","tag":null}` |  IMPORTANT NOTE This chart inherits from our common library chart. You can check the default values/options here: https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml |
+| image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| image.repository | string | `"ghcr.io/matrix-org/dendrite-monolith"` | image repository |
+| image.tag | string | chart.appVersion | image tag |
+| ingress.main | object | See values.yaml | (Monolith Only) Enable and configure ingress settings for the chart under this key. |
+| keyserver | object | See values.yaml | Configure the key server. For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) |
+| keyserver.database | object | See values.yaml | Override general dendrite.database parameters. |
+| keyserver.database.conn_max_lifetime | string | dendrite.database.conn_max_lifetime | Maximum connection lifetime |
+| keyserver.database.connection_string | string | file or derived from included postgresql deployment | Custom connection string |
+| keyserver.database.max_idle_conns | string | dendrite.database.max_idle_conns | Maximum dile connections |
+| keyserver.database.max_open_conns | string | dendrite.database.max_open_conns | Maximum open connections |
+| keyserver.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| keyserver.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
+| keyserver.image.tag | string | chart.appVersion | image tag |
+| mediaapi | object | values.yaml | Configure the Media API For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) |
+| mediaapi.database | object | See values.yaml | Override general dendrite.database parameters. |
+| mediaapi.database.conn_max_lifetime | string | dendrite.database.conn_max_lifetime | Maximum connection lifetime |
+| mediaapi.database.connection_string | string | file or derived from included postgresql deployment | Custom connection string |
+| mediaapi.database.max_idle_conns | string | dendrite.database.max_idle_conns | Maximum dile connections |
+| mediaapi.database.max_open_conns | string | dendrite.database.max_open_conns | Maximum open connections |
+| mediaapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| mediaapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
+| mediaapi.image.tag | string | chart.appVersion | image tag |
+| mscs | object | values.yaml | Configuration for experimental MSCs For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) |
+| mscs.database | object | See values.yaml | Override general dendrite.database parameters. |
+| mscs.database.conn_max_lifetime | string | dendrite.database.conn_max_lifetime | Maximum connection lifetime |
+| mscs.database.connection_string | string | file or derived from included postgresql deployment | Custom connection string |
+| mscs.database.max_idle_conns | string | dendrite.database.max_idle_conns | Maximum dile connections |
+| mscs.database.max_open_conns | string | dendrite.database.max_open_conns | Maximum open connections |
+| nats.enabled | bool | See value.yaml | Enable and configure NATS for dendrite. Can be disabled for monolith deployments - an internal NATS server will be used in its place. |
+| nats.nats.image | string | `"nats:2.7.1-alpine"` |  |
+| nats.nats.jetstream.enabled | bool | `true` |  |
+| persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
+| persistence.jetstream | object | See values.yaml | Configure Jetsream persistence. This is highly recommended in production. |
+| roomserver | object | values.yaml | Configure the Room Server For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) |
+| roomserver.database | object | See values.yaml | Override general dendrite.database parameters. |
+| roomserver.database.conn_max_lifetime | string | dendrite.database.conn_max_lifetime | Maximum connection lifetime |
+| roomserver.database.connection_string | string | file or derived from included postgresql deployment | Custom connection string |
+| roomserver.database.max_idle_conns | string | dendrite.database.max_idle_conns | Maximum dile connections |
+| roomserver.database.max_open_conns | string | dendrite.database.max_open_conns | Maximum open connections |
+| roomserver.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| roomserver.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
+| roomserver.image.tag | string | chart.appVersion | image tag |
+| service | object | See values.yaml | If added dendrite will start a HTTP and HTTPS listener args:   - "--tls-cert=server.crt"   - "--tls-key=server.key" -- Configures service settings for the chart. |
+| service.main.ports.http | object | See values.yaml | Configures the default HTTP listener for dendrite |
+| service.main.ports.https | object | See values.yaml | Configures the HTTPS listener for dendrite |
+| syncapi | object | values.yaml | Configure the Sync API For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) |
+| syncapi.database | object | See values.yaml | Override general dendrite.database parameters. |
+| syncapi.database.conn_max_lifetime | string | dendrite.database.conn_max_lifetime | Maximum connection lifetime |
+| syncapi.database.connection_string | string | file or derived from included postgresql deployment | Custom connection string |
+| syncapi.database.max_idle_conns | string | dendrite.database.max_idle_conns | Maximum dile connections |
+| syncapi.database.max_open_conns | string | dendrite.database.max_open_conns | Maximum open connections |
+| syncapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| syncapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
+| syncapi.image.tag | string | chart.appVersion | image tag |
+| userapi | object | values.yaml | Configure the User API For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml) |
+| userapi.config.bcrypt_cost | int | 10 | bcrypt cost (2^[cost] = rounds) |
+| userapi.database | object | See values.yaml | Override general dendrite.database parameters. |
+| userapi.database.conn_max_lifetime | string | dendrite.database.conn_max_lifetime | Maximum connection lifetime |
+| userapi.database.connection_string | string | file or derived from included postgresql deployment | Custom connection string |
+| userapi.database.max_idle_conns | string | dendrite.database.max_idle_conns | Maximum dile connections |
+| userapi.database.max_open_conns | string | dendrite.database.max_open_conns | Maximum open connections |
+| userapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
+| userapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
+| userapi.image.tag | string | chart.appVersion | image tag |
+
+## Changelog
+
+### Version 7.1.1
+
+#### Added
+
+N/A
+
+#### Changed
+
+N/A
+
+#### Fixed
+
+* Global database config
+
+### Older versions
+
+A historical overview of changes can be found on [ArtifactHUB](https://artifacthub.io/packages/helm/samipsolutions/dendrite?modal=changelog)
+
+## Support
+
+- See the [Docs](https://docs.k8s-at-home.com/our-helm-charts/getting-started/)
+- Open an [issue](https://github.com/samipsolutions/helm-charts/issues/new/choose)
+- Ask a [question](https://github.com/k8s-at-home/organization/discussions)
+- Join our [Discord](https://discord.gg/sTMX7Vh) community
+
+----------------------------------------------
+Autogenerated from chart metadata using [helm-docs v0.1.1](https://github.com/k8s-at-home/helm-docs/releases/v0.1.1)
--- a/charts/dendrite/README_CONFIG.md.gotmpl
+++ b/charts/dendrite/README_CONFIG.md.gotmpl
@ -0,0 +1,17 @@
+{{- define "custom.custom.configuration.header" -}}
+## Custom configuration
+{{- end -}}
+
+{{- define "custom.custom.configuration" -}}
+{{ template "custom.custom.configuration.header" . }}
+
+### Polylith Ingress
+
+Due to the complexity of setting up ingress for each individual component it
+is left up to the individual to add the necessary ingress fields to polylith deployments.
+
+For more information see:
+- https://github.com/matrix-org/dendrite/blob/master/docs/INSTALL.md#nginx-or-other-reverse-proxy
+- and https://github.com/matrix-org/dendrite/blob/master/docs/nginx/polylith-sample.conf
+
+{{- end -}}
--- a/charts/dendrite/ci/ct-values.yaml
+++ b/charts/dendrite/ci/ct-values.yaml
@ -0,0 +1,10 @@
+---
+dendrite:
+  matrix_key_secret:
+    create: true
+    keyBody: |
+      -----BEGIN MATRIX PRIVATE KEY-----
+      Key-ID: ed25519:P8gZqV
+
+      qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
+      -----END MATRIX PRIVATE KEY-----
--- a/charts/dendrite/ci/nats-values.yaml
+++ b/charts/dendrite/ci/nats-values.yaml
@ -0,0 +1,12 @@
+---
+dendrite:
+  matrix_key_secret:
+    create: true
+    keyBody: |
+      -----BEGIN MATRIX PRIVATE KEY-----
+      Key-ID: ed25519:P8gZqV
+
+      qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
+      -----END MATRIX PRIVATE KEY-----
+nats:
+  enabled: true
--- a/charts/dendrite/ci/polylith-basic-values.yaml
+++ b/charts/dendrite/ci/polylith-basic-values.yaml
@ -0,0 +1,13 @@
+---
+dendrite:
+  polylithEnabled: true
+  matrix_key_secret:
+    create: true
+    keyBody: |
+      -----BEGIN MATRIX PRIVATE KEY-----
+      Key-ID: ed25519:P8gZqV
+
+      qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
+      -----END MATRIX PRIVATE KEY-----
+nats:
+  enabled: true
--- a/charts/dendrite/ci/polylith-full-values.yaml
+++ b/charts/dendrite/ci/polylith-full-values.yaml
@ -0,0 +1,19 @@
+---
+dendrite:
+  polylithEnabled: true
+  matrix_key_secret:
+    create: true
+    keyBody: |
+      -----BEGIN MATRIX PRIVATE KEY-----
+      Key-ID: ed25519:P8gZqV
+
+      qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
+      -----END MATRIX PRIVATE KEY-----
+  polylith_ingress:
+    enabled: true
+    host: matrix.k8s-at-home.org
+nats:
+  enabled: true
+persistence:
+  jetstream:
+    enabled: true
--- a/charts/dendrite/templates/NOTES.txt
+++ b/charts/dendrite/templates/NOTES.txt
@ -0,0 +1 @@
+{{- include "common.notes.defaultNotes" . -}}
--- a/charts/dendrite/templates/_helper.tpl
+++ b/charts/dendrite/templates/_helper.tpl
@ -0,0 +1,3 @@
+{{- define "dendrite.names.key" -}}
+    {{- default (printf "%s-key" (include "common.names.fullname" .)) .Values.dendrite.matrix_key_secret.existingSecret -}}
+{{- end -}}
--- a/charts/dendrite/templates/common.yaml
+++ b/charts/dendrite/templates/common.yaml
@ -0,0 +1,77 @@
+{{- if .Values.dendrite.polylithEnabled }}
+  {{ $components := list "clientapi" "appserviceapi" "federationapi" "userapi" "keyserver" "mediaapi" "syncapi" "roomserver" }}
+  {{- range $components }}
+    {{- include "common.values.setup" (index $.Subcharts .) }}
+    {{- with (index $.Values .) }}
+      {{- with .image }}
+        {{- $_ := set . "tag" (default $.Chart.AppVersion .tag) -}}
+      {{- end -}}
+      {{- if not .persistence }}
+        {{- $_ := set . "persistence" (dict)}}
+      {{- end }}
+      {{- $_ := set .persistence "dendrite-key" (include "dendrite.keyVolume" $ | fromYaml) -}}
+      {{- $_ := set .persistence "dendrite-config" (include "dendrite.configVolume" $ | fromYaml) -}}
+      {{- $_ := set .persistence "dendrite-tls" (include "dendrite.tlsVolume" $ | fromYaml) -}}
+      {{- $_ := set .persistence "jetstream" $.Values.persistence.jetstream -}}
+    {{- end }}
+    {{- include "common.all" (index $.Subcharts .) }}
+  {{- end }}
+  {{- with (index $.Values "mediaapi") }}
+    {{- $_ := set .persistence "media" $.Values.persistence.media -}}
+  {{- end }}
+{{- else }}
+  {{ include "common.values.setup" . }}
+  {{- $_ := set .Values.persistence "dendrite-key" (include "dendrite.keyVolume" . | fromYaml) -}}
+  {{- $_ := set .Values.persistence "dendrite-config" (include "dendrite.configVolume" . | fromYaml) -}}
+  {{- $_ := set .Values.persistence "dendrite-tls" (include "dendrite.tlsVolume" . | fromYaml) -}}
+  {{ include "common.all" . }}
+{{- end }}
+{{- define "dendrite.hardcodedValues" -}}
+probes:
+  liveness:
+    enabled: true
+    custom: true
+    spec:
+      initialDelaySeconds: 10
+      periodSeconds: 10
+      timeoutSeconds: 5
+      failureThreshold: 10
+      httpGet:
+        path: /_dendrite/monitor/health
+        {{- if .Values.dendrite.polylithEnabled }}
+        port: internal
+        {{ else }}
+        port: http
+        {{ end }}
+  readiness:
+    enabled: true
+    custom: true
+    spec:
+      initialDelaySeconds: 10
+      periodSeconds: 10
+      timeoutSeconds: 5
+      failureThreshold: 10
+      httpGet:
+        path: /_dendrite/monitor/health
+        {{- if .Values.dendrite.polylithEnabled }}
+        port: internal
+        {{ else }}
+        port: http
+        {{ end }}
+  startup:
+    enabled: true
+    custom: true
+    spec:
+      initialDelaySeconds: 5
+      periodSeconds: 10
+      timeoutSeconds: 5
+      failureThreshold: 10
+      httpGet:
+        path: /_dendrite/monitor/up
+        {{- if .Values.dendrite.polylithEnabled }}
+        port: internal
+        {{ else }}
+        port: http
+        {{ end }}
+{{- end -}}
+{{- $_ := mergeOverwrite .Values (include "dendrite.hardcodedValues" . | fromYaml) -}}
--- a/charts/dendrite/templates/dendrite-config.yaml
+++ b/charts/dendrite/templates/dendrite-config.yaml
@ -0,0 +1,208 @@
+{{- $componentSpecificDatabaseConfig := or .Values.dendrite.polylithEnabled -}}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "common.names.fullname" . }}-config
+type: Opaque
+stringData:
+  dendrite.yaml: |
+    version: 2
+    global:
+      server_name: {{ required "A server_name must be provided." .Values.dendrite.global.server_name | quote }}
+      private_key: matrix_key.pem
+      key_validity_period: {{ default "168h0m0s" .Values.dendrite.global.key_validity_period | quote }}
+      cache:
+        max_size_estimated: {{ default "1gb" .Values.dendrite.global.cache.max_size_estimated | quote }}
+        max_age: {{ default "1h" .Values.dendrite.global.cache.max_age | quote }}
+      well_known_server_name: {{ default "" .Values.dendrite.global.well_known_server_name | quote }}
+      well_known_client_name: {{ default "" .Values.dendrite.global.well_known_client_name | quote }}
+      trusted_third_party_id_servers:
+      {{- toYaml .Values.dendrite.global.trusted_third_party_id_servers | nindent 8 }}
+      disable_federation: {{ default false .Values.dendrite.global.disable_federation }}
+      presence:
+        enable_inbound: {{ default false .Values.dendrite.global.presence.enable_inbound}}
+        enable_outbound: {{ default false .Values.dendrite.global.presence.enable_outbound }}
+      report_stats:
+        enabled: {{ default false .Values.dendrite.report_stats.enabled }}
+        endpoint: {{ default "https://matrix.org/report-usage-stats/push" .Values.dendrite.report_stats.endpoint }}
+      server_notices:
+        enabled: {{ default false .Values.dendrite.global.server_notices.enabled }}
+        local_part: {{ default "_server" .Values.dendrite.global.server_notices.local_part | quote }}
+        display_name: {{ default "Server alerts" .Values.dendrite.global.server_notices.display_name | quote }}
+        avatar_url: {{ default "" .Values.dendrite.global.server_notices.avatar_url | quote }}
+        room_name: {{ default "Server Alerts" .Values.dendrite.global.server_notices.room_name | quote }}
+      jetstream:
+        addresses:
+          {{- if .Values.nats.enabled }}
+          - {{ template "common.names.fullname" $.Subcharts.nats }}:4222
+          {{- else }}
+          []
+          {{- end }}
+        in_memory: {{ not .Values.persistence.jetstream.enabled }}
+        storage_path: {{ .Values.persistence.jetstream.mountPath }}
+        topic_prefix: "Dendrite"
+      metrics:
+        enabled: {{ default false .Values.dendrite.global.metrics.enabled }}
+        basic_auth:
+          username: {{ default "metrics" .Values.dendrite.global.metrics.basic_auth.username | quote }}
+          password: {{ default "metrics" .Values.dendrite.global.metrics.basic_auth.password | quote }}
+      dns_cache:
+        enabled: {{ default false .Values.dendrite.global.dns_cache.enabled }}
+        cache_size: {{ default 256 .Values.dendrite.global.dns_cache.cache_size }}
+        cache_lifetime: {{ default "5m" .Values.dendrite.global.dns_cache.cache_lifetime }}
+      {{- if not $componentSpecificDatabaseConfig }}
+      database:
+        connection_string: {{ .Values.database.connection_string }}
+        max_open_conns: {{ default 100 .Values.database.max_open_conns }}
+        max_idle_conns: {{ default 5 .Values.database.max_idle_conns }}
+        conn_max_lifetime: {{default -1 .Values.database.conn_max_lifetime }}
+      {{- end }}
+    app_service_api:
+      {{- if .Values.dendrite.polylithEnabled }}
+      internal_api:
+        listen: http://0.0.0.0:{{ .Values.appserviceapi.service.main.ports.internal.port }}
+        connect: http://{{ include "common.names.fullname" (index $.Subcharts "appserviceapi") }}:{{ .Values.appserviceapi.service.main.ports.internal.port }}
+      {{- end }}
+      {{- if $componentSpecificDatabaseConfig }}
+      database:
+        connection_string: {{ .Values.appserviceapi.database.connection_string }}
+        max_open_conns: {{ default .Values.dendrite.database.max_open_conns .Values.appserviceapi.database.max_open_conns }}
+        max_idle_conns: {{ default .Values.dendrite.database.max_idle_conns .Values.appserviceapi.database.max_idle_conns }}
+        conn_max_lifetime: {{ default .Values.dendrite.database.conn_max_lifetime .Values.appserviceapi.database.conn_max_lifetime }}
+      {{- end }}
+      config_files: {{- toYaml .Values.appserviceapi.config.config_files | nindent 8 }}
+    client_api:
+      {{- if .Values.dendrite.polylithEnabled }}
+      internal_api:
+        listen: http://0.0.0.0:{{ .Values.clientapi.service.main.ports.internal.port }}
+        connect: http://{{ include "common.names.fullname" (index $.Subcharts "clientapi") }}:{{ .Values.clientapi.service.main.ports.internal.port }}
+      external_api:
+        listen: http://0.0.0.0:{{ .Values.clientapi.service.main.ports.external.port }}
+      {{- end }}
+      registration_disabled: {{ .Values.clientapi.config.registration_disabled }}
+      registration_shared_secret: {{ default "" .Values.clientapi.config.registration_shared_secret | quote }}
+      enable_registration_captcha: {{ default false .Values.clientapi.config.captcha.enabled }}
+      recaptcha_public_key: {{ default "" .Values.clientapi.config.captcha.recaptcha_public_key | quote }}
+      recaptcha_private_key: {{ default "" .Values.clientapi.config.captcha.recaptcha_private_key | quote }}
+      recaptcha_bypass_secret: {{ default "" .Values.clientapi.config.captcha.recaptcha_bypass_secret | quote }}
+      recaptcha_siteverify_api: {{ default "" .Values.clientapi.config.captcha.recaptcha_siteverify_api | quote }}
+      turn: {{- toYaml .Values.clientapi.config.turn | nindent 8 }}
+      rate_limiting:
+        enabled: {{ default true .Values.clientapi.config.rate_limiting.enabled }}
+        threshold: {{ default 5 .Values.clientapi.config.rate_limiting.threshold }}
+        cooloff_ms: {{ default 500 .Values.clientapi.config.rate_limiting.cooloff_ms }}
+        exempt_user_ids: {{ .Values.clientapi.config.exempt_user_ids }}
+    federation_api:
+      {{- if .Values.dendrite.polylithEnabled }}
+      internal_api:
+        listen: http://0.0.0.0:7772
+        connect: http://{{ include "common.names.fullname" (index $.Subcharts "federationapi") }}:7772
+      external_api:
+        listen: http://0.0.0.0:8072
+        conn_max_lifetime: {{ default .Values.dendrite.database.conn_max_lifetime .Values.federationapi.database.conn_max_lifetime }}
+      federation_certificates: {{- toYaml .Values.federationapi.config.federation_certificates | nindent 8 }}
+      proxy_outbound:
+        enabled: {{ default false .Values.federationapi.config.proxy_outbound.enabled }}
+        protocol: {{ default "http" .Values.federationapi.config.proxy_outbound.protocol | quote }}
+        host: {{ default "localhost" .Values.federationapi.config.proxy_outbound.host | quote }}
+        port: {{ default 8080 .Values.federationapi.config.proxy_outbound.port }}
+      {{- end }}
+      {{- if $componentSpecificDatabaseConfig }}
+      database:
+        connection_string: {{ .Values.federationapi.database.connection_string }}
+        max_open_conns: {{ default .Values.dendrite.database.max_open_conns .Values.federationapi.database.max_open_conns }}
+        max_idle_conns: {{ default .Values.dendrite.database.max_idle_conns .Values.federationapi.database.max_idle_conns }}
+      {{- end }}
+      send_max_retries: {{ default 16 .Values.federationapi.config.send_max_retries }}
+      disable_tls_validation: {{ default false .Values.federationapi.config.disable_tls_validation }}
+      key_perspectives: {{- toYaml .Values.federationapi.config.key_perspectives | nindent 8 }}
+      prefer_direct_fetch: {{ default false .Values.federationapi.config.prefer_direct_fetch }}
+    key_server:
+      {{- if .Values.dendrite.polylithEnabled }}
+      internal_api:
+        listen: http://0.0.0.0:7779
+        connect: http://{{ include "common.names.fullname" (index $.Subcharts "keyserver") }}:7779
+      {{- end }}
+      {{- if $componentSpecificDatabaseConfig }}
+      database:
+        connection_string: {{ .Values.keyserver.database.connection_string }}
+        max_open_conns: {{ default .Values.dendrite.database.max_open_conns .Values.keyserver.database.max_open_conns }}
+        max_idle_conns: {{ default .Values.dendrite.database.max_idle_conns .Values.keyserver.database.max_idle_conns }}
+        conn_max_lifetime: {{ default .Values.dendrite.database.conn_max_lifetime .Values.keyserver.database.conn_max_lifetime }}
+      {{- end }}
+    media_api:
+      {{- if .Values.dendrite.polylithEnabled }}
+      internal_api:
+        listen: http://0.0.0.0:7774
+        connect: http://{{ include "common.names.fullname" (index $.Subcharts "mediaapi") }}:7774
+      external_api:
+        listen: http://0.0.0.0:8074
+      {{- end }}
+      {{- if $componentSpecificDatabaseConfig }}
+      database:
+        connection_string: {{ .Values.mediaapi.database.connection_string }}
+        max_open_conns: {{ default .Values.dendrite.database.max_open_conns .Values.mediaapi.database.max_open_conns }}
+        max_idle_conns: {{ default .Values.dendrite.database.max_idle_conns .Values.mediaapi.database.max_idle_conns }}
+        conn_max_lifetime: {{ default .Values.dendrite.database.conn_max_lifetime .Values.mediaapi.database.conn_max_lifetime }}
+      {{- end }}
+      base_path: {{ default "/var/dendrite/media" .Values.mediaapi.config.base_path | quote }}
+      max_file_size_bytes: {{ int ( default 10485760 .Values.mediaapi.config.max_file_size_bytes ) }}
+      dynamic_thumbnails: {{ default false .Values.mediaapi.config.dynamic_thumbnails }}
+      max_thumbnail_generators: {{ default 10 .Values.mediaapi.config.max_thumbnail_generators }}
+      thumbnail_sizes: {{- toYaml .Values.mediaapi.config.thumbnail_sizes | nindent 8 }}
+    mscs:
+      mscs: {{ .Values.dendrite.global.mscs | toYaml | nindent 8 }}
+      {{- if $componentSpecificDatabaseConfig }}
+      database:
+        connection_string: {{ .Values.mscs.database.connection_string }}
+        max_open_conns: {{ default .Values.dendrite.database.max_open_conns .Values.mscs.database.max_open_conns }}
+        max_idle_conns: {{ default .Values.dendrite.database.max_idle_conns .Values.mscs.database.max_idle_conns }}
+        conn_max_lifetime: {{ default .Values.dendrite.database.conn_max_lifetime .Values.mscs.database.conn_max_lifetime }}
+      {{- end }}
+    room_server:
+      {{- if .Values.dendrite.polylithEnabled }}
+      internal_api:
+        listen: http://0.0.0.0:7770
+        connect: http://{{ include "common.names.fullname" (index $.Subcharts "roomserver") }}:7770
+      {{- end }}
+      {{- if $componentSpecificDatabaseConfig }}
+      database:
+        connection_string: {{ .Values.roomserver.database.connection_string }}
+        max_open_conns: {{ default .Values.dendrite.database.max_open_conns .Values.roomserver.database.max_open_conns }}
+        max_idle_conns: {{ default .Values.dendrite.database.max_idle_conns .Values.roomserver.database.max_idle_conns }}
+        conn_max_lifetime: {{ default .Values.dendrite.database.conn_max_lifetime .Values.roomserver.database.conn_max_lifetime }}
+      {{- end }}
+    sync_api:
+      {{- if .Values.dendrite.polylithEnabled }}
+      internal_api:
+        listen: http://0.0.0.0:7773
+        connect: http://{{ include "common.names.fullname" (index $.Subcharts "syncapi") }}:7773
+      external_api:
+          listen: http://0.0.0.0:8073
+      {{- end }}
+      {{- if $componentSpecificDatabaseConfig }}
+      database:
+        connection_string: {{ .Values.syncapi.database.connection_string }}
+        max_open_conns: {{ default .Values.dendrite.database.max_open_conns .Values.syncapi.database.max_open_conns }}
+        max_idle_conns: {{ default .Values.dendrite.database.max_idle_conns .Values.syncapi.database.max_idle_conns }}
+        conn_max_lifetime: {{ default .Values.dendrite.database.conn_max_lifetime .Values.syncapi.database.conn_max_lifetime }}
+      {{- end }}
+    user_api:
+      {{- if .Values.dendrite.polylithEnabled }}
+      internal_api:
+        listen: http://0.0.0.0:7781
+        connect: http://{{ include "common.names.fullname" (index $.Subcharts "userapi") }}:7781
+      {{- end }}
+      {{- if $componentSpecificDatabaseConfig }}
+      account_database:
+        connection_string: {{ .Values.userapi.database.connection_string }}
+        max_open_conns: {{ default .Values.dendrite.database.max_open_conns .Values.userapi.database.max_open_conns }}
+        max_idle_conns: {{ default .Values.dendrite.database.max_idle_conns .Values.userapi.database.max_idle_conns }}
+        conn_max_lifetime: {{ default .Values.dendrite.database.conn_max_lifetime .Values.userapi.database.conn_max_lifetime }}
+      {{- end }}
+      bcrypt_cost: {{ default 10 .Values.userapi.config.bcrypt_cost }}
+    tracing:
+      enabled: {{ .Values.dendrite.tracing.enabled }}
+      jaeger: {{- toYaml .Values.dendrite.tracing.jaeger | nindent 8 }}
+    logging: {{- toYaml .Values.dendrite.logging | nindent 6 }}
--- a/charts/dendrite/templates/ingress.yaml
+++ b/charts/dendrite/templates/ingress.yaml
@ -0,0 +1,57 @@
+{{- if .Values.dendrite.polylith_ingress.enabled -}}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ include "common.names.fullname" . }}
+  {{- if .Values.dendrite.polylith_ingress.annotations }}
+  annotations: {{ toYaml .Values.dendrite.polylith_ingress.annotations | nindent 4 }}
+  {{- end }}
+spec:
+  {{- if .Values.dendrite.tls_secret.enabled }}
+  tls:
+  - hosts:
+      - {{ .Values.dendrite.polylith_ingress.host | quote }}
+    secretName: {{ .Values.dendrite.tls_secret.existingSecret }}
+  {{- end }}
+  rules:
+    - host: {{ .Values.dendrite.polylith_ingress.host | quote }}
+      http:
+        paths:
+        {{- range .Values.dendrite.polylith_ingress.syncapi_paths }}
+        - path: {{ . | quote }}
+          pathType: Exact
+          backend:
+            service:
+              name: {{ include "common.names.fullname" (index $.Subcharts  "syncapi") }}
+              port:
+                number: {{ $.Values.syncapi.service.main.ports.external.port }}
+        {{- end }}
+        - path: /_matrix/client
+          pathType: Prefix
+          backend:
+            service:
+              name: {{ include "common.names.fullname" (index $.Subcharts  "clientapi") }}
+              port:
+                number: {{ .Values.clientapi.service.main.ports.external.port }}
+        - path: /_matrix/federation
+          pathType: Prefix
+          backend:
+            service:
+              name: {{ include "common.names.fullname" (index $.Subcharts  "federationapi") }}
+              port:
+                number: {{ .Values.federationapi.service.main.ports.external.port }}
+        - path: /_matrix/key
+          pathType: Prefix
+          backend:
+            service:
+              name: {{ include "common.names.fullname" (index $.Subcharts  "federationapi") }}
+              port:
+                number: {{ .Values.federationapi.service.main.ports.external.port }}
+        - path: /_matrix/media
+          pathType: Prefix
+          backend:
+            service:
+              name: {{ include "common.names.fullname" (index $.Subcharts  "mediaapi") }}
+              port:
+                number: {{ .Values.mediaapi.service.main.ports.external.port }}
+{{- end -}}
--- a/charts/dendrite/templates/matrix-key-secret.yaml
+++ b/charts/dendrite/templates/matrix-key-secret.yaml
@ -0,0 +1,9 @@
+{{- if .Values.dendrite.matrix_key_secret.create }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "dendrite.names.key" . }}
+stringData:
+  {{ .Values.dendrite.matrix_key_secret.secretPath }}: | {{ .Values.dendrite.matrix_key_secret.keyBody | nindent 4 }}
+{{- end }}
--- a/charts/dendrite/templates/volumes.yaml
+++ b/charts/dendrite/templates/volumes.yaml
@ -0,0 +1,35 @@
+{{- define "dendrite.keyVolume" -}}
+enabled: {{ .Values.dendrite.matrix_key_secret.enabled }}
+type: "custom"
+volumeSpec:
+  secret:
+    defaultMode: 0600
+    secretName: {{ include "dendrite.names.key" . }}
+subPath:
+  - path: {{ .Values.dendrite.matrix_key_secret.secretPath }}
+    mountPath: "/etc/dendrite/matrix_key.pem"
+{{- end -}}
+{{- define "dendrite.tlsVolume" -}}
+enabled: {{ .Values.dendrite.tls_secret.enabled }}
+type: "custom"
+volumeSpec:
+  secret:
+    defaultMode: 0600
+    secretName: {{ .Values.dendrite.tls_secret.existingSecret }}
+subPath:
+  - path: {{ .Values.dendrite.tls_secret.crtPath }}
+    mountPath: "/etc/dendrite/server.crt"
+  - path: {{ .Values.dendrite.tls_secret.keyPath }}
+    mountPath: "/etc/dendrite/server.key"
+{{- end -}}
+{{- define "dendrite.configVolume" -}}
+enabled: true
+type: "custom"
+volumeSpec:
+  secret:
+    defaultMode: 0600
+    secretName: {{ include "common.names.fullname" . }}-config
+subPath:
+  - path: dendrite.yaml
+    mountPath: "/etc/dendrite/dendrite.yaml"
+{{- end -}}
--- a/charts/dendrite/values.yaml
+++ b/charts/dendrite/values.yaml
@ -0,0 +1,599 @@
+#
+# IMPORTANT NOTE
+#
+# This chart inherits from our common library chart. You can check the default
+# values/options here:
+# https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml
+#
+---
+image:
+  # -- image repository
+  repository: ghcr.io/matrix-org/dendrite-monolith
+  # -- image tag
+  # @default -- chart.appVersion
+  tag:
+  # -- image pull policy
+  pullPolicy: IfNotPresent
+
+# -- If added dendrite will start a HTTP and HTTPS listener
+# args:
+#   - "--tls-cert=server.crt"
+#   - "--tls-key=server.key"
+
+# -- Configures service settings for the chart.
+# @default -- See values.yaml
+service:
+  main:
+    ports:
+      # -- Configures the default HTTP listener for dendrite
+      # @default -- See values.yaml
+      http:
+        port: 8008
+      # -- Configures the HTTPS listener for dendrite
+      # @default -- See values.yaml
+      https:
+        enabled: true
+        port: 8448
+        protocol: HTTPS
+
+ingress:
+  # -- (Monolith Only) Enable and configure ingress settings for the chart under
+  # this key.
+  # @default -- See values.yaml
+  main:
+    enabled: false
+
+# -- Configure persistence settings for the chart under this key.
+# @default -- See values.yaml
+persistence:
+  media:
+    enabled: false
+    mountPath: &mediaPath /var/dendrite/media
+    accessMode: ReadWriteOnce
+    size: 5Gi
+  # -- Configure Jetsream persistence. This is highly recommended in production.
+  # @default -- See values.yaml
+  jetstream:
+    enabled: false
+    mountPath: /var/dendrite/jetstream
+    accessMode: ReadWriteOnce
+    size: 1Gi
+
+# Configure global database settings
+# @default -- see values.yaml
+database:
+  connection_string: file:dendrite?sslmode=disable
+  max_open_conns: 100
+  max_idle_conns: 2
+  conn_max_lifetime: -1
+
+# -- Configure the key server.
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml)
+# @default -- See values.yaml
+keyserver:
+  image:
+    # -- image repository
+    repository: matrixdotorg/dendrite-polylith
+    # -- image tag
+    # @default -- chart.appVersion
+    tag:
+    # -- image pull policy
+    pullPolicy: IfNotPresent
+  service:
+    main:
+      ports:
+        http:
+          enabled: false
+        internal:
+          enabled: true
+          port: 7779
+  args: "keyserver"
+  # -- Override general dendrite.database parameters.
+  # @default -- See values.yaml
+  database:
+    # -- Custom connection string
+    # @default -- file or derived from included postgresql deployment
+    connection_string: null
+    # -- Maximum open connections
+    # @default -- dendrite.database.max_open_conns
+    max_open_conns: null
+    # -- Maximum dile connections
+    # @default -- dendrite.database.max_idle_conns
+    max_idle_conns: null
+    # -- Maximum connection lifetime
+    # @default -- dendrite.database.conn_max_lifetime
+    conn_max_lifetime: null
+
+# -- Configure the app service api.
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml)
+# @default -- See values.yaml
+appserviceapi:
+  image:
+    # -- image repository
+    repository: matrixdotorg/dendrite-polylith
+    # -- image tag
+    # @default -- chart.appVersion
+    tag:
+    # -- image pull policy
+    pullPolicy: IfNotPresent
+  service:
+    main:
+      ports:
+        http:
+          enabled: false
+        internal:
+          enabled: true
+          port: 7777
+  ingress:
+
+  args: "appservice"
+  # -- Override general dendrite.database parameters.
+  # @default -- See values.yaml
+  database:
+    # -- Custom connection string
+    # @default -- file or derived from included postgresql deployment
+    connection_string: null
+    # -- Maximum open connections
+    # @default -- dendrite.database.max_open_conns
+    max_open_conns: null
+    # -- Maximum dile connections
+    # @default -- dendrite.database.max_idle_conns
+    max_idle_conns: null
+    # -- Maximum connection lifetime
+    # @default -- dendrite.database.conn_max_lifetime
+    conn_max_lifetime: null
+  config:
+    config_files: []
+
+# -- Configuration for the client api component.
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml)
+# @default -- See values.yaml
+clientapi:
+  image:
+    # -- image repository
+    repository: matrixdotorg/dendrite-polylith
+    # -- image tag
+    # @default -- chart.appVersion
+    tag:
+    # -- image pull policy
+    pullPolicy: IfNotPresent
+  service:
+    main:
+      ports:
+        http:
+          enabled: false
+        internal:
+          enabled: true
+          port: 7771
+        external:
+          enabled: true
+          port: 8071
+  args: "clientapi"
+  config:
+    # -- Enable or disable registration for this homeserver.
+    registration_disabled: true
+    # -- Shared secret that allows registration, despite registration_disabled.
+    registration_shared_secret: ""
+    # -- Configure captcha for registration
+    # @default -- See values.yaml
+    captcha:
+      enabled: false
+      recaptcha_public_key: ""
+      recaptcha_private_key: ""
+      recaptcha_bypass_secret: ""
+      recaptcha_siteverify_api: ""
+    # -- Configure TURN
+    # @default -- See values.yaml
+    turn:
+      turn_user_lifetime: ""
+      turn_uris: []
+      turn_shared_secret: ""
+      turn_username: ""
+      turn_password: ""
+    # -- Configure rate limiting.
+    # @default -- values.yaml
+    rate_limiting:
+      enabled: true
+      threshold: 5
+      cooloff_ms: 500
+      exempt_user_ids: []
+
+# -- Configure the Federation API
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml)
+# @default -- values.yaml
+federationapi:
+  image:
+    # -- image repository
+    repository: matrixdotorg/dendrite-polylith
+    # -- image tag
+    # @default -- chart.appVersion
+    tag:
+    # -- image pull policy
+    pullPolicy: IfNotPresent
+  service:
+    main:
+      ports:
+        http:
+          enabled: false
+        internal:
+          enabled: true
+          port: 7772
+        external:
+          enabled: true
+          port: 8072
+  args: "federationapi"
+  # -- Override general dendrite.database parameters.
+  # @default -- See values.yaml
+  database:
+    # -- Custom connection string
+    # @default -- file or derived from included postgresql deployment
+    connection_string: null
+    # -- Maximum open connections
+    # @default -- dendrite.database.max_open_conns
+    max_open_conns: null
+    # -- Maximum dile connections
+    # @default -- dendrite.database.max_idle_conns
+    max_idle_conns: null
+    # -- Maximum connection lifetime
+    # @default -- dendrite.database.conn_max_lifetime
+    conn_max_lifetime: null
+  config:
+    federation-certificates: []
+    send-max_retires: 16
+    disable_tls_validation: false
+    proxy_outbound:
+      enabled: false
+      protocol: http
+      host: localhost
+      port: 8080
+    key_perspectives:
+      - server_name: matrix.org
+        keys:
+          - key_id: ed25519:auto
+            public_key: Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw
+          - key_id: ed25519:a_RXGa
+            public_key: l8Hft5qXKn1vfHrg3p4+W8gELQVo8N13JkluMfmn2sQ
+    prefer_direct_fetch: false
+
+# -- Configure the User API
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml)
+# @default -- values.yaml
+userapi:
+  image:
+    # -- image repository
+    repository: matrixdotorg/dendrite-polylith
+    # -- image tag
+    # @default -- chart.appVersion
+    tag:
+    # -- image pull policy
+    pullPolicy: IfNotPresent
+  service:
+    main:
+      ports:
+        http:
+          enabled: false
+        internal:
+          enabled: true
+          port: 7781
+  args: "userapi"
+  # -- Override general dendrite.database parameters.
+  # @default -- See values.yaml
+  database:
+    # -- Custom connection string
+    # @default -- file or derived from included postgresql deployment
+    connection_string: null
+    # -- Maximum open connections
+    # @default -- dendrite.database.max_open_conns
+    max_open_conns: null
+    # -- Maximum dile connections
+    # @default -- dendrite.database.max_idle_conns
+    max_idle_conns: null
+    # -- Maximum connection lifetime
+    # @default -- dendrite.database.conn_max_lifetime
+    conn_max_lifetime: null
+  config:
+    # -- bcrypt cost (2^[cost] = rounds)
+    # @default -- 10
+    bcrypt_cost: 10
+
+# -- Configure the Sync API
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml)
+# @default -- values.yaml
+syncapi:
+  image:
+    # -- image repository
+    repository: matrixdotorg/dendrite-polylith
+    # -- image tag
+    # @default -- chart.appVersion
+    tag:
+    # -- image pull policy
+    pullPolicy: IfNotPresent
+  service:
+    main:
+      ports:
+        http:
+          enabled: false
+        internal:
+          enabled: true
+          port: 7773
+        external:
+          enabled: true
+          port: 8073
+  args: "syncapi"
+  # -- Override general dendrite.database parameters.
+  # @default -- See values.yaml
+  database:
+    # -- Custom connection string
+    # @default -- file or derived from included postgresql deployment
+    connection_string: null
+    # -- Maximum open connections
+    # @default -- dendrite.database.max_open_conns
+    max_open_conns: null
+    # -- Maximum dile connections
+    # @default -- dendrite.database.max_idle_conns
+    max_idle_conns: null
+    # -- Maximum connection lifetime
+    # @default -- dendrite.database.conn_max_lifetime
+    conn_max_lifetime: null
+
+# -- Configure the Room Server
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml)
+# @default -- values.yaml
+roomserver:
+  image:
+    # -- image repository
+    repository: matrixdotorg/dendrite-polylith
+    # -- image tag
+    # @default -- chart.appVersion
+    tag:
+    # -- image pull policy
+    pullPolicy: IfNotPresent
+  service:
+    main:
+      ports:
+        http:
+          enabled: false
+        internal:
+          enabled: true
+          port: 7770
+  args: "roomserver"
+  # -- Override general dendrite.database parameters.
+  # @default -- See values.yaml
+  database:
+    # -- Custom connection string
+    # @default -- file or derived from included postgresql deployment
+    connection_string: null
+    # -- Maximum open connections
+    # @default -- dendrite.database.max_open_conns
+    max_open_conns: null
+    # -- Maximum dile connections
+    # @default -- dendrite.database.max_idle_conns
+    max_idle_conns: null
+    # -- Maximum connection lifetime
+    # @default -- dendrite.database.conn_max_lifetime
+    conn_max_lifetime: null
+
+# -- Configure the Media API
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml)
+# @default -- values.yaml
+mediaapi:
+  image:
+    # -- image repository
+    repository: matrixdotorg/dendrite-polylith
+    # -- image tag
+    # @default -- chart.appVersion
+    tag:
+    # -- image pull policy
+    pullPolicy: IfNotPresent
+  service:
+    main:
+      ports:
+        http:
+          enabled: false
+        internal:
+          enabled: true
+          port: 7774
+        external:
+          enabled: true
+          port: 8074
+  args: "mediaapi"
+  # -- Override general dendrite.database parameters.
+  # @default -- See values.yaml
+  database:
+    # -- Custom connection string
+    # @default -- file or derived from included postgresql deployment
+    connection_string: null
+    # -- Maximum open connections
+    # @default -- dendrite.database.max_open_conns
+    max_open_conns: null
+    # -- Maximum dile connections
+    # @default -- dendrite.database.max_idle_conns
+    max_idle_conns: null
+    # -- Maximum connection lifetime
+    # @default -- dendrite.database.conn_max_lifetime
+    conn_max_lifetime: null
+  config:
+    base_path: *mediaPath
+    max_file_size_bytes: 10485760
+    dynamic_thumbnails: false
+    max_thumbnail_generators: 10
+    thumbnail_sizes:
+      - width: 32
+        height: 32
+        method: crop
+      - width: 96
+        height: 96
+        method: crop
+      - width: 640
+        height: 480
+        method: scale
+
+# -- Configuration for experimental MSCs
+# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml)
+# @default -- values.yaml
+mscs:
+  # -- Override general dendrite.database parameters.
+  # @default -- See values.yaml
+  database:
+    # -- Custom connection string
+    # @default -- file or derived from included postgresql deployment
+    connection_string: null
+    # -- Maximum open connections
+    # @default -- dendrite.database.max_open_conns
+    max_open_conns: null
+    # -- Maximum dile connections
+    # @default -- dendrite.database.max_idle_conns
+    max_idle_conns: null
+    # -- Maximum connection lifetime
+    # @default -- dendrite.database.conn_max_lifetime
+    conn_max_lifetime: null
+
+# -- Configuration for Dendrite.
+# For more information see [the sample
+# denrite-config.yaml](https://github.com/matrix-org/dendrite/blob/main/dendrite-sample.polylith.yaml)
+# @default -- See values.yaml
+dendrite:
+  # -- Enable polylith deployment
+  polylithEnabled: false
+  # -- Usage statistics reporting configuration
+  report_stats:
+    # -- Enable or disable usage reporting
+    # @default -- false
+    enabled: false
+    # -- Push endpoint for usage statistics
+    endpoint: ""
+  # -- If enabled, use an existing secrets for the TLS certificate and key.
+  # Otherwise, to enable TLS a `server.crt` and `server.key` must be mounted at
+  # `/etc/dendrite`.
+  # @default -- See values.yaml
+  tls_secret:
+    enabled: false
+    existingSecret: ""
+    crtPath: tls.crt
+    keyPath: tls.key
+
+  matrix_key_secret:
+    # -- Create matrix_key secret using the keyBody below.
+    create: false
+    # -- New Key Body
+    keyBody: ""
+    # -- Use an existing secret
+    existingSecret: ""
+    # -- Field in the secret to get the key from
+    secretPath: matrix_key.pem
+
+  # -- Enable and configure polylith ingress as per
+  # https://github.com/matrix-org/dendrite/blob/main/docs/nginx/polylith-sample.conf
+  # @default -- See values.yaml
+  polylith_ingress:
+    enabled: false
+    host: ""
+    annotations: {}
+    # -- Sync API Paths are a little tricky since they require regular expressions. Therefore
+    # the paths will depend on the ingress controller used. See values.yaml for nginx and traefik.
+    # @default -- See values.yaml
+    syncapi_paths: []
+      # For Traefik uncomment these lines
+      # - /_matrix/client/{version:.*?}/rooms/{roomid:.*?}/messages
+      # - /_matrix/client/{version:.*?}/keys/changes
+      # - /_matrix/client/{version:.*?}/user/{userid:.*?}/filter/{filterid:.*?}
+      # - /_matrix/client/{version:.*?}/user/{userid:.*?}/filter
+      # - /_matrix/client/{version:.*?}/sync
+      #
+      # For nginx uncomment these lines and add the annotations here:
+      # https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#use-regex
+      # - /_matrix/client/.*?/(sync|user/.*?/filter/?.*|keys/changes|rooms/.*?/messages)$
+
+  # -- Configure the global settings for dendrite.
+  # @default -- See values.yaml
+  global:
+    # -- (required) Configure the server name for the dendrite instance.
+    server_name: localhost
+    # -- Configure the key_validity period
+    key_validity_period: 168h0m0s
+    # -- Congigure the in-memory caches
+    cache:
+      # -- Configure the maximum estimated cache size (not a hard limit)
+      max_size_estimated: "1gb"
+      # -- The maximum amount of time that a cache entry can live for in memory
+      max_age: "1h"
+    # -- Configure the well-known server name and optional port
+    well_known_server_name: ""
+    # -- Configure the well-known client name and optional port
+    well_known_client_name: ""
+    # -- Configure the list of domains the server will trust as identity servers
+    trusted_third_party_id_servers:
+      - matrix.org
+      - vector.im
+    # -- Disables federation
+    disable_federation: false
+    # -- Configure handling of presence events
+    presence:
+      # -- Whether inbound presence events are allowed, e.g. receiving presence events from other servers
+      enable_inbound: false
+      # -- Whether outbound presence events are allowed, e.g. sending presence events to other servers
+      enable_outbound: false
+
+    # -- Server notices allows server admins to send messages to all users.
+    server_notices:
+      enabled: false
+      # -- The server localpart to be used when sending notices, ensure this is not yet taken
+      local_part: "_server"
+      # -- The displayname to be used when sending notices
+      display_name: "Server alerts"
+      # -- The mxid of the avatar to use
+      avatar_url: ""
+      # -- The roomname to be used when creating messages
+      room_name: "Server Alerts"
+    # -- Configure prometheus metrics collection for dendrite.
+    # @default -- See values.yaml
+    metrics:
+      # -- If enabled, metrics collection will be enabled
+      # @default -- See values.yaml
+      enabled: false
+      basic_auth:
+        username: metrics
+        password: metrics
+    # -- Configure DNS cache.
+    # @default -- See values.yaml
+    dns_cache:
+      # -- If enabled, dns cache will be enabled.
+      # @default -- See values.yaml
+      enabled: false
+      cache_size: 256
+      cache_lifetime: "5m"
+    # -- Configure experimental MSC's
+    mscs: []
+
+  # -- Configure opentracing.
+  # @default -- See values.yaml
+  tracing:
+    enabled: false
+    jaeger:
+      serviceName: ""
+      disabled: false
+      rpc_metrics: false
+      tags: []
+      sampler: null
+      reporter: null
+      headers: null
+      baggage_restrictions: null
+      throttler: null
+
+  # -- Configure logging.
+  # @default -- See values.yaml
+  logging:
+    - type: file
+      level: info
+      params:
+        path: /var/log/dendrite
+
+nats:
+  # -- Enable and configure NATS for dendrite. Can be disabled for monolith
+  # deployments - an internal NATS server will be used in its place.
+  # @default -- See value.yaml
+  enabled: false
+  nats:
+    image: nats:2.7.1-alpine
+    jetstream:
+      enabled: true
Author	SHA1	Message	Date
Till Faelligen	ecfb720ce6	Update uses	2022-12-05 08:38:19 +01:00
Till Faelligen	e5da7a527c	Add Helm CI stuff	2022-12-05 08:23:00 +01:00
Till	c355fe49fb	Merge branch 'main' into helm-chart	2022-12-05 07:27:48 +01:00
Skyler Mäntysaari	6bf7146728	Merge branch 'matrix-org:main' into helm-chart	2022-09-29 05:19:36 +03:00
Skyler Mäntysaari	e18e4c2009	Merge branch 'matrix-org:main' into helm-chart	2022-09-28 00:29:51 +03:00
Skyler Mäntysaari	2cb1531d7f	feat(helm-chart): Add chart to repo. Signed-off-by: Skyler Mäntysaari <sm+git@skym.fi>	2022-08-22 18:01:22 +03:00
				`@ -0,0 +1 @@`
				`{{- include "common.notes.defaultNotes" . -}}`