[dendrite] Add dendrite polylith mode (#1399)

Co-authored-by: S7evinK <s73vink@gmail.com>
Co-authored-by: Bᴇʀɴᴅ Sᴄʜᴏʀɢᴇʀs <me@bjw-s.dev>
Co-authored-by: Till Faelligen <tfaelligen@gmail.com>
Jonathan Bartlett 2022-02-08 23:11:39 +00:00 committed by GitHub
parent ee03d09780
commit ffe4297db0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
14 changed files with 623 additions and 199 deletions


@ -1,9 +1,9 @@
---
apiVersion: v2
appVersion: 0.6.0
appVersion: 0.6.2
description: Dendrite Matrix Homeserver
name: dendrite
version: 2.0.0
version: 3.0.0
kubeVersion: ">=1.16.0-0"
keywords:
- dendrite
@ -11,6 +11,7 @@ keywords:
- homeserver
- monolith
- federation
- polylith
home: https://github.com/k8s-at-home/charts/tree/master/charts/stable/dendrite
sources:
- https://github.com/matrix-org/dendrite
@ -30,9 +31,73 @@ dependencies:
version: 0.12.1
repository: https://nats-io.github.io/k8s/helm/charts/
condition: nats.enabled
# Client API
- name: common
repository: https://library-charts.k8s-at-home.com
version: 4.3.0
alias: clientapi
condition: dendrite.polylithEnabled
# Media API
- name: common
repository: https://library-charts.k8s-at-home.com
version: 4.3.0
alias: mediaapi
condition: dendrite.polylithEnabled
# Sync API
- name: common
repository: https://library-charts.k8s-at-home.com
version: 4.3.0
alias: syncapi
condition: dendrite.polylithEnabled
# Room Server
- name: common
repository: https://library-charts.k8s-at-home.com
version: 4.3.0
alias: roomserver
condition: dendrite.polylithEnabled
# EDU Server
- name: common
repository: https://library-charts.k8s-at-home.com
version: 4.3.0
alias: eduserver
condition: dendrite.polylithEnabled
# Federation API
- name: common
repository: https://library-charts.k8s-at-home.com
version: 4.3.0
alias: federationapi
condition: dendrite.polylithEnabled
# Key Server
- name: common
repository: https://library-charts.k8s-at-home.com
version: 4.3.0
alias: keyserver
condition: dendrite.polylithEnabled
# User API
- name: common
repository: https://library-charts.k8s-at-home.com
version: 4.3.0
alias: userapi
condition: dendrite.polylithEnabled
# App Service API
- name: common
repository: https://library-charts.k8s-at-home.com
version: 4.3.0
alias: appserviceapi
condition: dendrite.polylithEnabled
annotations:
artifacthub.io/changes: |
- kind: changed
description: NATS is now used instead of Kafka
description: Refactored values for polylith mode
- kind: changed
description: App version bumped to v0.6.0
description: Split out volume template defintions into separate file
- kind: fix
description: NAT subchart indentation
- kind: fix
description: MSC's config and updated config version
- kind: changed
description: Bumped app version to v0.6.2
- kind: added
description: Support for polylith deployment
- kind: changed
description: Rename secret fields for consistency


@ -1,6 +1,6 @@
# dendrite
![Version: 2.0.0](https://img.shields.io/badge/Version-2.0.0-informational?style=flat-square) ![AppVersion: 0.6.0](https://img.shields.io/badge/AppVersion-0.6.0-informational?style=flat-square)
![Version: 3.0.0](https://img.shields.io/badge/Version-3.0.0-informational?style=flat-square) ![AppVersion: 0.6.2](https://img.shields.io/badge/AppVersion-0.6.2-informational?style=flat-square)
Dendrite Matrix Homeserver
@ -21,6 +21,15 @@ Kubernetes: `>=1.16.0-0`
|------------|------|---------|
| https://charts.bitnami.com/bitnami | postgresql | 10.14.4 |
| https://library-charts.k8s-at-home.com | common | 4.3.0 |
| https://library-charts.k8s-at-home.com | federationapi(common) | 4.3.0 |
| https://library-charts.k8s-at-home.com | clientapi(common) | 4.3.0 |
| https://library-charts.k8s-at-home.com | mediaapi(common) | 4.3.0 |
| https://library-charts.k8s-at-home.com | syncapi(common) | 4.3.0 |
| https://library-charts.k8s-at-home.com | roomserver(common) | 4.3.0 |
| https://library-charts.k8s-at-home.com | eduserver(common) | 4.3.0 |
| https://library-charts.k8s-at-home.com | keyserver(common) | 4.3.0 |
| https://library-charts.k8s-at-home.com | userapi(common) | 4.3.0 |
| https://library-charts.k8s-at-home.com | appserviceapi(common) | 4.3.0 |
| https://nats-io.github.io/k8s/helm/charts/ | nats | 0.12.1 |
## TL;DR
@ -70,7 +79,14 @@ helm install dendrite k8s-at-home/dendrite -f values.yaml
## Custom configuration
N/A
### Polylith Ingress
Due to the complexity of setting up ingress for each individual component it
is left up to the individual to add the necessary ingress fields to polylith deployments.
For more information see:
- https://github.com/matrix-org/dendrite/blob/master/docs/INSTALL.md#nginx-or-other-reverse-proxy
- and https://github.com/matrix-org/dendrite/blob/master/docs/nginx/polylith-sample.conf
## Values
@ -78,17 +94,20 @@ N/A
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| appserviceapi | object | See values.yaml | Configure the app service api. For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
| appserviceapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
| appserviceapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
| appserviceapi.image.tag | string | `"v0.6.2"` | image tag |
| clientapi | object | See values.yaml | Configuration for the client api component. For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
| clientapi.config.captcha | object | See values.yaml | Configure captcha for registration |
| clientapi.config.rate_limiting | object | values.yaml | Configure rate limiting. |
| clientapi.config.registration_disabled | bool | `false` | Enable or disable registration for this homeserver. |
| clientapi.config.registration_shared_secret | string | `""` | Shared secret that allows registration, despite registration_disabled. |
| clientapi.config.turn | object | See values.yaml | Configure TURN |
| clientapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
| clientapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
| clientapi.image.tag | string | `"v0.6.2"` | image tag |
| dendrite | object | See values.yaml | Configuration for Dendrite. For more information see [the sample denrite-config.yaml](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
| dendrite.components | object | See values.yaml | Configure the dendrite components. |
| dendrite.components.app_service_api | object | See values.yaml | Configure the App Service API |
| dendrite.components.client_api | object | `{"captcha":{"enabled":false,"recaptcha_bypass_secret":"","recaptcha_private_key":"","recaptcha_public_key":"","recaptcha_siteverify_api":""},"rate_limiting":{"cooloff_ms":500,"enabled":true,"threshold":5},"registration_disabled":false,"registration_shared_secret":"","turn":{"turn_password":"","turn_shared_secret":"","turn_uris":[],"turn_user_lifetime":"","turn_username":""}}` | Configure the Client API |
| dendrite.components.client_api.captcha | object | See values.yaml | Configure captcha for registration |
| dendrite.components.client_api.rate_limiting | object | values.yaml | Configure rate limiting. |
| dendrite.components.client_api.registration_disabled | bool | `false` | Enable or disable registration for this homeserver. |
| dendrite.components.client_api.registration_shared_secret | string | `""` | Shared secret that allows registration, despite registration_disabled. |
| dendrite.components.client_api.turn | object | See values.yaml | Configure TURN |
| dendrite.components.federation_api | object | values.yaml | Configure the Federation API |
| dendrite.components.media_api | object | values.yaml | Configure the Media API |
| dendrite.database | object | See values.yaml | Configure database connection parameters. |
| dendrite.global | object | See values.yaml | Configure the global settings for dendrite. |
| dendrite.global.dns_cache | object | See values.yaml | Configure DNS cache. |
@ -96,21 +115,42 @@ N/A
| dendrite.global.key_validity_period | string | `"168h0m0s"` | Configure the key_validity period |
| dendrite.global.metrics | object | See values.yaml | Configure prometheus metrics collection for dendrite. |
| dendrite.global.metrics.enabled | bool | See values.yaml | If enabled, metrics collection will be enabled |
| dendrite.global.mscs | list | `[]` | Configure experimental MSC's |
| dendrite.global.server_name | string | `"localhost"` | (required) Configure the server name for the dendrite instance. |
| dendrite.global.trusted_third_party_id_servers | list | `["matrix.org","vector.im"]` | Configure the list of domains the server will trust as identity servers |
| dendrite.global.well_known_server_name | string | `""` | Configure the well-known server name and optional port |
| dendrite.logging | list | See values.yaml | Configure logging. |
| dendrite.matrix_key_secret | object | See values.yaml | If enabled, use an existing secret for matrix_key.pem. Otherwise a matrix_key.pem must be mounted to `/etc/dendrite`. |
| dendrite.matrix_key_secret.create | bool | `false` | Create matrix_key secret using the keyBody below. |
| dendrite.matrix_key_secret.existingSecret | string | `""` | Use an existing secret |
| dendrite.matrix_key_secret.keyBody | string | `""` | New Key Body |
| dendrite.matrix_key_secret.secretPath | string | `"matrix_key.pem"` | Field in the secret to get the key from |
| dendrite.polylithEnabled | bool | `false` | Enable polylith deployment |
| dendrite.tls_secret | object | See values.yaml | If enabled, use an existing secrets for the TLS certificate and key. Otherwise, to enable TLS a `server.crt` and `server.key` must be mounted at `/etc/dendrite`. |
| dendrite.tracing | object | See values.yaml | Configure opentracing. |
| image | object | `{"pullPolicy":"IfNotPresent","repository":"matrixdotorg/dendrite-monolith","tag":"v0.5.1"}` | IMPORTANT NOTE This chart inherits from our common library chart. You can check the default values/options here: https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml |
| eduserver | object | values.yaml | Configure the edu server For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
| eduserver.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
| eduserver.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
| eduserver.image.tag | string | `"v0.6.2"` | image tag |
| federationapi | object | values.yaml | Configure the Federation API For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
| federationapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
| federationapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
| federationapi.image.tag | string | `"v0.6.2"` | image tag |
| image | object | `{"pullPolicy":"IfNotPresent","repository":"matrixdotorg/dendrite-monolith","tag":"v0.6.2"}` | IMPORTANT NOTE This chart inherits from our common library chart. You can check the default values/options here: https://github.com/k8s-at-home/library-charts/tree/main/charts/stable/common/values.yaml |
| image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
| image.repository | string | `"matrixdotorg/dendrite-monolith"` | image repository |
| image.tag | string | `"v0.5.1"` | image tag |
| image.tag | string | `"v0.6.2"` | image tag |
| ingress.main | object | See values.yaml | Enable and configure ingress settings for the chart under this key. |
| keyserver | object | See values.yaml | Configure the key server. For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
| keyserver.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
| keyserver.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
| keyserver.image.tag | string | `"v0.6.2"` | image tag |
| mediaapi | object | values.yaml | Configure the Media API For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
| mediaapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
| mediaapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
| mediaapi.image.tag | string | `"v0.6.2"` | image tag |
| nats.enabled | bool | See value.yaml | Enable and configure NATS for dendrite. Can be disabled for monolith deployments - an internal NATS server will be used in its place. |
| nats.image | string | `"nats:2.7.1-alpine"` | |
| nats.jetstream.enabled | bool | `true` | |
| nats.nats.image | string | `"nats:2.7.1-alpine"` | |
| nats.nats.jetstream.enabled | bool | `true` | |
| persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
| persistence.jetstream | object | See values.yaml | Configure Jetsream persistence. This is highly recommended in production. |
| postgresql.enabled | bool | See value.yaml | Enable and configure postgres as the database for dendrite. |
@ -121,22 +161,36 @@ N/A
| postgresql.postgresqlDatabase | string | `"dendrite"` | |
| postgresql.postgresqlPassword | string | `"changeme"` | |
| postgresql.postgresqlUsername | string | `"dendrite"` | |
| roomserver | object | values.yaml | Configure the Room Server For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
| roomserver.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
| roomserver.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
| roomserver.image.tag | string | `"v0.6.2"` | image tag |
| service | object | See values.yaml | If added dendrite will start a HTTP and HTTPS listener args: - "--tls-cert=server.crt" - "--tls-key=server.key" -- Configures service settings for the chart. |
| service.main.ports.http | object | See values.yaml | Configures the default HTTP listener for dendrite |
| service.main.ports.https | object | See values.yaml | Configures the HTTPS listener for dendrite |
| syncapi | object | values.yaml | Configure the Sync API For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
| syncapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
| syncapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
| syncapi.image.tag | string | `"v0.6.2"` | image tag |
| userapi | object | values.yaml | Configure the User API For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml) |
| userapi.image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
| userapi.image.repository | string | `"matrixdotorg/dendrite-polylith"` | image repository |
| userapi.image.tag | string | `"v0.6.2"` | image tag |
## Changelog
### Version 2.0.0
### Version 3.0.0
#### Added
N/A
* Support for polylith deployment
#### Changed
* NATS is now used instead of Kafka
* App version bumped to v0.6.0
* Refactored values for polylith mode
* Split out volume template defintions into separate file
* Bumped app version to v0.6.2
* Rename secret fields for consistency
#### Fixed


@ -5,5 +5,13 @@
{{- define "custom.custom.configuration" -}}
{{ template "custom.custom.configuration.header" . }}
N/A
### Polylith Ingress
Due to the complexity of setting up ingress for each individual component it
is left up to the individual to add the necessary ingress fields to polylith deployments.
For more information see:
- https://github.com/matrix-org/dendrite/blob/master/docs/INSTALL.md#nginx-or-other-reverse-proxy
- and https://github.com/matrix-org/dendrite/blob/master/docs/nginx/polylith-sample.conf
{{- end -}}


@ -1,11 +1,10 @@
---
dendrite:
matrix_key_secret:
enabled: true
secret:
matrix_key.pem: |
-----BEGIN MATRIX PRIVATE KEY-----
Key-ID: ed25519:P8gZqV
create: true
keyBody: |
-----BEGIN MATRIX PRIVATE KEY-----
Key-ID: ed25519:P8gZqV
qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
-----END MATRIX PRIVATE KEY-----
qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
-----END MATRIX PRIVATE KEY-----
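Review bot: The `keyBody` value is a literal ed25519 signing key with nothing marking it as a fixture, and the same key is repeated in the four values files this commit adds after this one. These look like CI-only values, so the risk is mainly that someone copies the block into a real deployment, or that a secret scanner flags it with no context. A comment above `keyBody` in each file would settle it, for example `# Test-only signing key for chart CI; generate a fresh key for any real homeserver.`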


@ -0,0 +1,12 @@
---
dendrite:
matrix_key_secret:
create: true
keyBody: |
-----BEGIN MATRIX PRIVATE KEY-----
Key-ID: ed25519:P8gZqV
qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
-----END MATRIX PRIVATE KEY-----
nats:
enabled: true


@ -0,0 +1,13 @@
---
dendrite:
polylithEnabled: true
matrix_key_secret:
create: true
keyBody: |
-----BEGIN MATRIX PRIVATE KEY-----
Key-ID: ed25519:P8gZqV
qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
-----END MATRIX PRIVATE KEY-----
nats:
enabled: true


@ -0,0 +1,18 @@
---
dendrite:
polylithEnabled: true
matrix_key_secret:
create: true
keyBody: |
-----BEGIN MATRIX PRIVATE KEY-----
Key-ID: ed25519:P8gZqV
qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
-----END MATRIX PRIVATE KEY-----
nats:
enabled: true
persistence:
jetstream:
enabled: true
postgresql:
enabled: true


@ -0,0 +1,12 @@
---
dendrite:
matrix_key_secret:
create: true
keyBody: |
-----BEGIN MATRIX PRIVATE KEY-----
Key-ID: ed25519:P8gZqV
qVzy2Cwokt15RjGy8OzFSq6z0JFmI6QX/1Zw1VP73uU=
-----END MATRIX PRIVATE KEY-----
postgresql:
enabled: true


@ -0,0 +1,3 @@
{{- define "dendrite.names.key" -}}
{{- default (printf "%s-key" (include "common.names.fullname" .)) .Values.dendrite.matrix_key_secret.existingSecret -}}
{{- end -}}


@ -1,42 +1,25 @@
{{ include "common.values.setup" . }}
{{- define "dendrite.keyVolume" -}}
enabled: {{ .Values.dendrite.matrix_key_secret.enabled | quote }}
type: "custom"
volumeSpec:
secret:
defaultMode: 0600
secretName: {{ default (include "common.names.fullname" .) .Values.dendrite.matrix_key_secret.secretName }}
subPath:
- path: {{ .Values.dendrite.matrix_key_secret.key }}
mountPath: "/etc/dendrite/matrix_key.pem"
{{- end -}}
{{- define "dendrite.tlsVolume" -}}
enabled: {{ .Values.dendrite.tls_secret.enabled }}
type: "custom"
volumeSpec:
secret:
defaultMode: 0600
secretName: {{ .Values.dendrite.tls_secret.secretName }}
subPath:
- path: {{ .Values.dendrite.tls_secret.crtKey }}
mountPath: "/etc/dendrite/server.crt"
- path: {{ .Values.dendrite.tls_secret.keyKey }}
mountPath: "/etc/dendrite/server.key"
{{- end -}}
{{- define "dendrite.configVolume" -}}
enabled: "true"
type: "custom"
volumeSpec:
secret:
defaultMode: 0600
secretName: {{ include "common.names.fullname" . }}-config
subPath:
- path: dendrite.yaml
mountPath: "/etc/dendrite/dendrite.yaml"
{{- end -}}
{{- $_ := set .Values.persistence "dendrite-key" (include "dendrite.keyVolume" . | fromYaml) -}}
{{- $_ := set .Values.persistence "dendrite-config" (include "dendrite.configVolume" . | fromYaml) -}}
{{- $_ := set .Values.persistence "dendrite-tls" (include "dendrite.tlsVolume" . | fromYaml) -}}
{{ include "common.all" . }}
{{- if .Values.dendrite.polylithEnabled }}
{{ $components := list "clientapi" "appserviceapi" "federationapi" "userapi" "keyserver" "mediaapi" "syncapi" "roomserver" "eduserver" }}
{{- range $components }}
{{- include "common.values.setup" (index $.Subcharts .) }}
{{- with (index $.Values .) }}
{{- if not .persistence }}
{{- $_ := set . "persistence" (dict)}}
{{- end }}
{{- $_ := set .persistence "dendrite-key" (include "dendrite.keyVolume" $ | fromYaml) -}}
{{- $_ := set .persistence "dendrite-config" (include "dendrite.configVolume" $ | fromYaml) -}}
{{- $_ := set .persistence "dendrite-tls" (include "dendrite.tlsVolume" $ | fromYaml) -}}
{{- $_ := set .persistence "jetstream" $.Values.persistence.jetstream -}}
{{- end }}
{{- include "common.all" (index $.Subcharts .) }}
{{- end }}
{{- with (index $.Values "mediaapi") }}
{{- $_ := set .persistence "media" $.Values.persistence.media -}}
{{- end }}
{{- else }}
{{ include "common.values.setup" . }}
{{- $_ := set .Values.persistence "dendrite-key" (include "dendrite.keyVolume" . | fromYaml) -}}
{{- $_ := set .Values.persistence "dendrite-config" (include "dendrite.configVolume" . | fromYaml) -}}
{{- $_ := set .Values.persistence "dendrite-tls" (include "dendrite.tlsVolume" . | fromYaml) -}}
{{ include "common.all" . }}
{{- end }}
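Review bot: In the polylith branch, `{{- $_ := set .persistence "media" $.Values.persistence.media -}}` runs only after the `range` loop has already called `include "common.all"` for every component, so as the lines are shown the mediaapi workload would be rendered without the media volume. Moving that `set` inside the loop, before the `common.all` include and guarded by a check that the current component is `mediaapi`, would fix the ordering. Separately, every component gets the `dendrite-key`, `dendrite-config` and `dendrite-tls` secret volumes; if some components do not need the signing key or the TLS key (worth confirming against Dendrite), mounting them only where required would narrow exposure of that material.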


@ -1,6 +1,6 @@
{{- $connectionString := "file:" -}}
{{- if .Values.postgresql.enabled}}
{{- $connectionString = print "postgresql://" .Values.postgresql.postgresqlUsername ":" .Values.postgresql.postgresqlPassword "@dendrite-postgresql/" -}}
{{- $connectionString = print "postgresql://" .Values.postgresql.postgresqlUsername ":" .Values.postgresql.postgresqlPassword "@" (include "common.names.fullname" .) "-postgresql/" -}}
{{- end}}
---
apiVersion: v1
@ -10,7 +10,7 @@ metadata:
type: Opaque
stringData:
dendrite.yaml: |
version: 1
version: 2
global:
server_name: {{ required "A server_name must be provided." .Values.dendrite.global.server_name | quote }}
private_key: matrix_key.pem
@ -21,7 +21,7 @@ stringData:
jetstream:
addresses:
{{- if .Values.nats.enabled }}
- {{ include "nats.fullname" .Subcharts.nats }}:4222
- {{ template "common.names.fullname" . }}-nats:4222
{{- else }}
[]
{{- end }}
@ -39,40 +39,40 @@ stringData:
cache_lifetime: {{ default "5m" .Values.dendrite.global.dns_cache.cache_lifetime }}
app_service_api:
internal_api:
listen: http://0.0.0.0:7777
connect: http://appservice_api:7777
listen: http://0.0.0.0:{{ .Values.appserviceapi.service.main.ports.internal.port }}
connect: http://{{ include "common.names.fullname" . }}-appserviceapi:{{ .Values.appserviceapi.service.main.ports.internal.port }}
database:
connection_string: {{ $connectionString }}dendrite_appservice?sslmode=disable
max_open_conns: {{ .Values.dendrite.database.max_open_conns }}
max_idle_conns: {{ .Values.dendrite.database.max_idle_conns }}
conn_max_lifetime: {{ .Values.dendrite.database.conn_max_lifetime }}
config_files: {{- toYaml .Values.dendrite.components.app_service_api.config_files | nindent 8 }}
config_files: {{- toYaml .Values.appserviceapi.config.config_files | nindent 8 }}
client_api:
internal_api:
listen: http://0.0.0.0:7771
connect: http://client_api:7771
listen: http://0.0.0.0:{{ .Values.clientapi.service.main.ports.internal.port }}
connect: http://{{ include "common.names.fullname" . }}-clientapi:{{ .Values.clientapi.service.main.ports.internal.port }}
external_api:
listen: http://0.0.0.0:8071
registration_disabled: {{ default false .Values.dendrite.components.client_api.registration_disabled }}
registration_shared_secret: {{ default "" .Values.dendrite.components.client_api.registration_shared_secret | quote }}
enable_registration_captcha: {{ default false .Values.dendrite.components.client_api.captcha.enabled }}
recaptcha_public_key: {{ default "" .Values.dendrite.components.client_api.captcha.recaptcha_public_key | quote }}
recaptcha_private_key: {{ default "" .Values.dendrite.components.client_api.captcha.recaptcha_private_key | quote }}
recaptcha_bypass_secret: {{ default "" .Values.dendrite.components.client_api.captcha.recaptcha_bypass_secret | quote }}
recaptcha_siteverify_api: {{ default "" .Values.dendrite.components.client_api.captcha.recaptcha_siteverify_api | quote }}
turn: {{- toYaml .Values.dendrite.components.client_api.turn | nindent 8 }}
listen: http://0.0.0.0:{{ .Values.clientapi.service.main.ports.external.port }}
registration_disabled: {{ default false .Values.clientapi.config.registration_disabled }}
registration_shared_secret: {{ default "" .Values.clientapi.config.registration_shared_secret | quote }}
enable_registration_captcha: {{ default false .Values.clientapi.config.captcha.enabled }}
recaptcha_public_key: {{ default "" .Values.clientapi.config.captcha.recaptcha_public_key | quote }}
recaptcha_private_key: {{ default "" .Values.clientapi.config.captcha.recaptcha_private_key | quote }}
recaptcha_bypass_secret: {{ default "" .Values.clientapi.config.captcha.recaptcha_bypass_secret | quote }}
recaptcha_siteverify_api: {{ default "" .Values.clientapi.config.captcha.recaptcha_siteverify_api | quote }}
turn: {{- toYaml .Values.clientapi.config.turn | nindent 8 }}
rate_limiting:
enabled: {{ default true .Values.dendrite.components.client_api.rate_limiting.enabled }}
threshold: {{ default 5 .Values.dendrite.components.client_api.rate_limiting.threshold }}
cooloff_ms: {{ default 500 .Values.dendrite.components.client_api.rate_limiting.cooloff_ms }}
enabled: {{ default true .Values.clientapi.config.rate_limiting.enabled }}
threshold: {{ default 5 .Values.clientapi.config.rate_limiting.threshold }}
cooloff_ms: {{ default 500 .Values.clientapi.config.rate_limiting.cooloff_ms }}
edu_server:
internal_api:
listen: http://0.0.0.0:7778
connect: http://edu_server:7778
connect: http://{{ include "common.names.fullname" . }}-eduserver:7778
federation_api:
internal_api:
listen: http://0.0.0.0:7772
connect: http://federation_api:7772
connect: http://{{ include "common.names.fullname" . }}-federationapi:7772
external_api:
listen: http://0.0.0.0:8072
database:
@ -80,20 +80,20 @@ stringData:
max_open_conns: {{ .Values.dendrite.database.max_open_conns }}
max_idle_conns: {{ .Values.dendrite.database.max_idle_conns }}
conn_max_lifetime: {{ .Values.dendrite.database.conn_max_lifetime }}
federation_certificates: {{- toYaml .Values.dendrite.components.federation_api.federation_certificates | nindent 8 }}
send_max_retries: {{ default 16 .Values.dendrite.components.federation_api.send_max_retries }}
disable_tls_validation: {{ default false .Values.dendrite.components.federation_api.disable_tls_validation }}
federation_certificates: {{- toYaml .Values.federationapi.config.federation_certificates | nindent 8 }}
send_max_retries: {{ default 16 .Values.federationapi.config.send_max_retries }}
disable_tls_validation: {{ default false .Values.federationapi.config.disable_tls_validation }}
proxy_outbound:
enabled: {{ default false .Values.dendrite.components.federation_api.proxy_outbound.enabled }}
protocol: {{ default "http" .Values.dendrite.components.federation_api.proxy_outbound.protocol | quote }}
host: {{ default "localhost" .Values.dendrite.components.federation_api.proxy_outbound.host | quote }}
port: {{ default 8080 .Values.dendrite.components.federation_api.proxy_outbound.port }}
key_perspectives: {{- toYaml .Values.dendrite.components.federation_api.key_perspectives | nindent 8 }}
prefer_direct_fetch: {{ default false .Values.dendrite.components.federation_api.prefer_direct_fetch }}
enabled: {{ default false .Values.federationapi.config.proxy_outbound.enabled }}
protocol: {{ default "http" .Values.federationapi.config.proxy_outbound.protocol | quote }}
host: {{ default "localhost" .Values.federationapi.config.proxy_outbound.host | quote }}
port: {{ default 8080 .Values.federationapi.config.proxy_outbound.port }}
key_perspectives: {{- toYaml .Values.federationapi.config.key_perspectives | nindent 8 }}
prefer_direct_fetch: {{ default false .Values.federationapi.config.prefer_direct_fetch }}
key_server:
internal_api:
listen: http://0.0.0.0:7779
connect: http://key_server:7779
connect: http://{{ include "common.names.fullname" . }}-keyserver:7779
database:
connection_string: {{ $connectionString }}dendrite_keyserver?sslmode=disable
max_open_conns: {{ .Values.dendrite.database.max_open_conns }}
@ -102,7 +102,7 @@ stringData:
media_api:
internal_api:
listen: http://0.0.0.0:7774
connect: http://media_api:7774
connect: http://{{ include "common.names.fullname" . }}-mediaapi:7774
external_api:
listen: http://0.0.0.0:8074
database:
@ -110,15 +110,22 @@ stringData:
max_open_conns: {{ .Values.dendrite.database.max_open_conns }}
max_idle_conns: {{ .Values.dendrite.database.max_idle_conns }}
conn_max_lifetime: {{ .Values.dendrite.database.conn_max_lifetime }}
base_path: {{ default "/var/dendrite/media" .Values.dendrite.components.media_api.base_path | quote }}
max_file_size_bytes: {{ default 10485760 .Values.dendrite.components.media_api.max_file_size_bytes }}
dynamic_thumbnails: {{ default false .Values.dendrite.components.media_api.dynamic_thumbnails }}
max_thumbnail_generators: {{ default 10 .Values.dendrite.components.media_api.max_thumbnail_generators }}
thumbnail_sizes: {{- toYaml .Values.dendrite.components.media_api.thumbnail_sizes | nindent 8 }}
base_path: {{ default "/var/dendrite/media" .Values.mediaapi.config.base_path | quote }}
max_file_size_bytes: {{ int ( default 10485760 .Values.mediaapi.config.max_file_size_bytes ) }}
dynamic_thumbnails: {{ default false .Values.mediaapi.config.dynamic_thumbnails }}
max_thumbnail_generators: {{ default 10 .Values.mediaapi.config.max_thumbnail_generators }}
thumbnail_sizes: {{- toYaml .Values.mediaapi.config.thumbnail_sizes | nindent 8 }}
mscs:
mscs: {{ .Values.dendrite.global.mscs | toYaml | nindent 8 }}
database:
connection_string: {{ $connectionString }}dendrite_mscs?sslmode=disable
max_open_conns: {{ .Values.dendrite.database.max_open_conns }}
max_idle_conns: {{ .Values.dendrite.database.max_idle_conns }}
conn_max_lifetime: {{ .Values.dendrite.database.conn_max_lifetime }}
room_server:
internal_api:
listen: http://0.0.0.0:7770
connect: http://room_server:7770
connect: http://{{ include "common.names.fullname" . }}-roomserver:7770
database:
connection_string: {{ $connectionString }}dendrite_roomserver?sslmode=disable
max_open_conns: {{ .Values.dendrite.database.max_open_conns }}
@ -127,7 +134,7 @@ stringData:
sync_api:
internal_api:
listen: http://0.0.0.0:7773
connect: http://sync_api:7773
connect: http://{{ include "common.names.fullname" . }}-syncapi:7773
external_api:
listen: http://0.0.0.0:8073
database:
@ -138,7 +145,7 @@ stringData:
user_api:
internal_api:
listen: http://0.0.0.0:7781
connect: http://user_api:7781
connect: http://{{ include "common.names.fullname" . }}-userapi:7781
account_database:
connection_string: {{ $connectionString }}dendrite_userapi_accounts?sslmode=disable
max_open_conns: {{ .Values.dendrite.database.max_open_conns }}
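Review bot: The `internal_api` blocks still listen on `http://0.0.0.0:<port>` while `connect` now points at per-component Services (`http://<fullname>-clientapi:…` and the like), so in polylith mode these plain-HTTP endpoints are reachable from any pod that can route to those Services, and nothing in this diff restricts that. If Dendrite's internal APIs carry no authentication of their own (worth confirming), the chart should ship or at least document a NetworkPolicy limiting the internal ports to the release's own pods. Separately, only `app_service_api` and `client_api` take their port from `.Values.<component>.service.main.ports.internal.port`; eduserver, federationapi, keyserver, mediaapi, roomserver, syncapi and userapi keep literals such as `7778`, which will drift from the Service port if a user overrides it.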


@ -0,0 +1,9 @@
{{- if .Values.dendrite.matrix_key_secret.create }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "dendrite.names.key" . }}
stringData:
{{ .Values.dendrite.matrix_key_secret.secretPath }}: | {{ .Values.dendrite.matrix_key_secret.keyBody | nindent 4 }}
{{- end }}
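Review bot: With `create: true` and `keyBody` left at its documented default of `""`, this template still emits a Secret whose key entry is empty, and the failure only shows up later when Dendrite tries to load `matrix_key.pem`. Failing at render time is safer, for example `{{ required "dendrite.matrix_key_secret.keyBody must be set when create is true" .Values.dendrite.matrix_key_secret.keyBody | nindent 4 }}`. Also, `dendrite.names.key` resolves to `existingSecret` when that is set, so `create: true` combined with `existingSecret` would have the chart manage a Secret under the pre-existing name; a guard or a `fail` on that combination would prevent overwriting a key the operator provisioned separately.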


@ -0,0 +1,35 @@
{{- define "dendrite.keyVolume" -}}
enabled: {{ .Values.dendrite.matrix_key_secret.enabled }}
type: "custom"
volumeSpec:
secret:
defaultMode: 0600
secretName: {{ include "dendrite.names.key" . }}
subPath:
- path: {{ .Values.dendrite.matrix_key_secret.secretPath }}
mountPath: "/etc/dendrite/matrix_key.pem"
{{- end -}}
{{- define "dendrite.tlsVolume" -}}
enabled: {{ .Values.dendrite.tls_secret.enabled }}
type: "custom"
volumeSpec:
secret:
defaultMode: 0600
secretName: {{ .Values.dendrite.tls_secret.existingSecret }}
subPath:
- path: {{ .Values.dendrite.tls_secret.crtPath }}
mountPath: "/etc/dendrite/server.crt"
- path: {{ .Values.dendrite.tls_secret.keyPath }}
mountPath: "/etc/dendrite/server.key"
{{- end -}}
{{- define "dendrite.configVolume" -}}
enabled: true
type: "custom"
volumeSpec:
secret:
defaultMode: 0600
secretName: {{ include "common.names.fullname" . }}-config
subPath:
- path: dendrite.yaml
mountPath: "/etc/dendrite/dendrite.yaml"
{{- end -}}
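Review bot: `dendrite.keyVolume` still gates the mount on `.Values.dendrite.matrix_key_secret.enabled`, but this commit's values examples switch to `create: true` and drop `enabled: true`, and the README table lists only `create`, `existingSecret`, `keyBody` and `secretPath` under that key. If `enabled` is no longer set (its default is not visible here), the line renders as an empty `enabled:` and the key volume may never be mounted even though the Secret is created. Deriving it from the new fields would keep the two in step, for example `enabled: {{ or .Values.dendrite.matrix_key_secret.create (not (empty .Values.dendrite.matrix_key_secret.existingSecret)) }}`.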


@ -10,7 +10,7 @@ image:
# -- image repository
repository: matrixdotorg/dendrite-monolith
# -- image tag
tag: "v0.5.1"
tag: "v0.6.2"
# -- image pull policy
pullPolicy: IfNotPresent
@ -47,32 +47,304 @@ persistence:
media:
enabled: false
mountPath: &mediaPath /var/dendrite/media
accessMode: ReadWriteOnce
size: 5Gi
# -- Configure Jetsream persistence. This is highly recommended in production.
# @default -- See values.yaml
jetstream:
enabled: false
mountPath: /var/dendrite/jetstream
accessMode: ReadWriteOnce
size: 1Gi
# -- Configure the key server.
# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
# @default -- See values.yaml
keyserver:
image:
# -- image repository
repository: matrixdotorg/dendrite-polylith
# -- image tag
tag: "v0.6.2"
# -- image pull policy
pullPolicy: IfNotPresent
service:
main:
ports:
http:
enabled: false
internal:
enabled: true
port: 7779
args: "keyserver"
# -- Configure the app service api.
# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
# @default -- See values.yaml
appserviceapi:
image:
# -- image repository
repository: matrixdotorg/dendrite-polylith
# -- image tag
tag: "v0.6.2"
# -- image pull policy
pullPolicy: IfNotPresent
service:
main:
ports:
http:
enabled: false
internal:
enabled: true
port: 7777
args: "appservice"
config:
config_files: []
# -- Configuration for the client api component.
# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
# @default -- See values.yaml
clientapi:
image:
# -- image repository
repository: matrixdotorg/dendrite-polylith
# -- image tag
tag: "v0.6.2"
# -- image pull policy
pullPolicy: IfNotPresent
service:
main:
ports:
http:
enabled: false
internal:
enabled: true
port: 7771
external:
enabled: true
port: 8071
args: "clientapi"
config:
# -- Enable or disable registration for this homeserver.
registration_disabled: false
# -- Shared secret that allows registration, despite registration_disabled.
registration_shared_secret: ""
# -- Configure captcha for registration
# @default -- See values.yaml
captcha:
enabled: false
recaptcha_public_key: ""
recaptcha_private_key: ""
recaptcha_bypass_secret: ""
recaptcha_siteverify_api: ""
# -- Configure TURN
# @default -- See values.yaml
turn:
turn_user_lifetime: ""
turn_uris: []
turn_shared_secret: ""
turn_username: ""
turn_password: ""
# -- Configure rate limiting.
# @default -- values.yaml
rate_limiting:
enabled: true
threshold: 5
cooloff_ms: 500
# -- Configure the Federation API
# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
# @default -- values.yaml
federationapi:
image:
# -- image repository
repository: matrixdotorg/dendrite-polylith
# -- image tag
tag: "v0.6.2"
# -- image pull policy
pullPolicy: IfNotPresent
service:
main:
ports:
http:
enabled: false
internal:
enabled: true
port: 7772
external:
enabled: true
port: 8072
args: "federationapi"
config:
federation-certificates: []
send-max_retires: 16
disable_tls_validation: false
proxy_outbound:
enabled: false
protocol: http
host: localhost
port: 8080
key_perspectives:
- server_name: matrix.org
keys:
- key_id: ed25519:auto
public_key: Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw
- key_id: ed25519:a_RXGa
public_key: l8Hft5qXKn1vfHrg3p4+W8gELQVo8N13JkluMfmn2sQ
prefer_direct_fetch: false
# -- Configure the User API
# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
# @default -- values.yaml
userapi:
image:
# -- image repository
repository: matrixdotorg/dendrite-polylith
# -- image tag
tag: "v0.6.2"
# -- image pull policy
pullPolicy: IfNotPresent
service:
main:
ports:
http:
enabled: false
internal:
enabled: true
port: 7781
args: "userapi"
# -- Configure the Sync API
# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
# @default -- values.yaml
syncapi:
image:
# -- image repository
repository: matrixdotorg/dendrite-polylith
# -- image tag
tag: "v0.6.2"
# -- image pull policy
pullPolicy: IfNotPresent
service:
main:
ports:
http:
enabled: false
internal:
enabled: true
port: 7773
external:
enabled: true
port: 8073
args: "syncapi"
# -- Configure the Room Server
# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
# @default -- values.yaml
roomserver:
image:
# -- image repository
repository: matrixdotorg/dendrite-polylith
# -- image tag
tag: "v0.6.2"
# -- image pull policy
pullPolicy: IfNotPresent
service:
main:
ports:
http:
enabled: false
internal:
enabled: true
port: 7770
args: "roomserver"
# -- Configure the edu server
# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
# @default -- values.yaml
eduserver:
image:
# -- image repository
repository: matrixdotorg/dendrite-polylith
# -- image tag
tag: "v0.6.2"
# -- image pull policy
pullPolicy: IfNotPresent
service:
main:
ports:
http:
enabled: false
internal:
enabled: true
port: 7778
args: "eduserver"
# -- Configure the Media API
# For more information see [the sample dendrite configuration](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
# @default -- values.yaml
mediaapi:
image:
# -- image repository
repository: matrixdotorg/dendrite-polylith
# -- image tag
tag: "v0.6.2"
# -- image pull policy
pullPolicy: IfNotPresent
service:
main:
ports:
http:
enabled: false
internal:
enabled: true
port: 7774
external:
enabled: true
port: 8074
args: "mediaapi"
config:
base_path: *mediaPath
max_file_size_bytes: 10485760
dynamic_thumbnails: false
max_thumbnail_generators: 10
thumbnail_sizes:
- width: 32
height: 32
method: crop
- width: 96
height: 96
method: crop
- width: 640
height: 480
method: scale
# -- Configuration for Dendrite.
# For more information see [the sample
# denrite-config.yaml](https://github.com/matrix-org/dendrite/blob/master/build/docker/config/dendrite-config.yaml)
# @default -- See values.yaml
dendrite:
# -- Enable polylith deployment
polylithEnabled: false
# -- If enabled, use an existing secrets for the TLS certificate and key.
# Otherwise, to enable TLS a `server.crt` and `server.key` must be mounted at
# `/etc/dendrite`.
# @default -- See values.yaml
tls_secret:
enabled: false
secretName: "dendrite-tls"
crtKey: tls.crt
keyKey: tls.key
# -- If enabled, use an existing secret for matrix_key.pem. Otherwise a
# matrix_key.pem must be mounted to `/etc/dendrite`.
# @default -- See values.yaml
existingSecret: ""
crtPath: tls.crt
keyPath: tls.key
matrix_key_secret:
enabled: false
key: matrix_key.pem
# -- Create matrix_key secret using the keyBody below.
create: false
# -- New Key Body
keyBody: ""
# -- Use an existing secret
existingSecret: ""
# -- Field in the secret to get the key from
secretPath: matrix_key.pem
# -- Configure database connection parameters.
# @default -- See values.yaml
database:
@ -109,77 +381,9 @@ dendrite:
enabled: false
cache_size: 256
cache_lifetime: "5m"
# -- Configure the dendrite components.
# @default -- See values.yaml
components:
# -- Configure the App Service API
# @default -- See values.yaml
app_service_api:
config_files: []
# -- Configure the Client API
client_api:
# -- Enable or disable registration for this homeserver.
registration_disabled: false
# -- Shared secret that allows registration, despite registration_disabled.
registration_shared_secret: ""
# -- Configure captcha for registration
# @default -- See values.yaml
captcha:
enabled: false
recaptcha_public_key: ""
recaptcha_private_key: ""
recaptcha_bypass_secret: ""
recaptcha_siteverify_api: ""
# -- Configure TURN
# @default -- See values.yaml
turn:
turn_user_lifetime: ""
turn_uris: []
turn_shared_secret: ""
turn_username: ""
turn_password: ""
# -- Configure rate limiting.
# @default -- values.yaml
rate_limiting:
enabled: true
threshold: 5
cooloff_ms: 500
# -- Configure the Federation API
# @default -- values.yaml
federation_api:
federation_certificates: []
send_max_retires: 16
disable_tls_validation: false
proxy_outbound:
enabled: false
protocol: http
host: localhost
port: 8080
key_perspectives:
- server_name: matrix.org
keys:
- key_id: ed25519:auto
public_key: Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw
- key_id: ed25519:a_RXGa
public_key: l8Hft5qXKn1vfHrg3p4+W8gELQVo8N13JkluMfmn2sQ
prefer_direct_fetch: false
# -- Configure the Media API
# @default -- values.yaml
media_api:
base_path: *mediaPath
max_file_size_bytes: 10485760
dynamic_thumbnails: false
max_thumbnail_generators: 10
thumbnail_sizes:
- width: 32
height: 32
method: crop
- width: 96
height: 96
method: crop
- width: 640
height: 480
method: scale
# -- Configure experimental MSC's
mscs: []
# -- Configure opentracing.
# @default -- See values.yaml
tracing:
@ -194,6 +398,7 @@ dendrite:
headers: null
baggage_restrictions: null
throttler: null
# -- Configure logging.
# @default -- See values.yaml
logging:
@ -221,6 +426,7 @@ nats:
# deployments - an internal NATS server will be used in its place.
# @default -- See value.yaml
enabled: false
image: nats:2.7.1-alpine
jetstream:
enabled: true
nats:
image: nats:2.7.1-alpine
jetstream:
enabled: true
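Review bot: Under `federationapi.config` the keys `federation-certificates` and `send-max_retires` mix hyphens and underscores, while the removed `dendrite.components.federation_api` block and every sibling key in the new block use underscores throughout. A hyphenated key cannot be read with dot access in a Go template (it needs `index`), so if the config template looks these up by their underscore names — that template is not visible in this section — overrides of the two settings would be dropped silently. I would restore `federation_certificates: []` and `send_max_retires: 16` so the names match what the chart used before the move.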