apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-matrix-synapse spec: selector: matchLabels: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: matrix-synapse replicas: 1 strategy: type: Recreate template: metadata: labels: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: matrix-synapse annotations: checksum/config: {{ include (print $.Template.BasePath "/synapse-proxy.yaml") . | sha256sum }} checksum/config: {{ include (print $.Template.BasePath "/synapse-conf.yaml") . | sha256sum }} spec: initContainers: - name: generate-matrix-signing-key image: matrixdotorg/synapse:{{ .Values.synapseVersion }} command: - "python" - "-m" - "synapse.app.homeserver" - "--config-path" - "/config-ro" - "--keys-directory" - "/data" - "--generate-keys" volumeMounts: - name: data mountPath: "/data" - name: synapse-conf mountPath: "/config-ro" containers: - name: nginx image: ungleich/ungleich-certbot:1.1.1 ports: - containerPort: 443 name: https - containerPort: 80 name: http env: - name: DOMAIN value: "{{ tpl .Values.synapseFQDN . }}" - name: EMAIL value: "{{ .Values.email }}" {{ if eq .Values.letsencryptStaging "no" }} - name: STAGING value: "no" {{ end }} volumeMounts: - name: nginx-config mountPath: "/nginx-configs" - name: etcletsencrypt mountPath: "/etc/letsencrypt" resources: requests: memory: {{ .Values.resources.synapsenginx.memory }} cpu: {{ .Values.resources.synapsenginx.cpu }} limits: memory: {{ .Values.resources.synapsenginx.memory }} cpu: {{ .Values.resources.synapsenginx.cpu }} - name: synapse image: matrixdotorg/synapse:{{ .Values.synapseVersion }} command: - sh - -c - "mkdir -p /config; sed \"s,SECRETPOSTGRESPASSWORD,$POSTGRES_PW,\" /config-ro/homeserver.yaml > /config/homeserver.yaml && /start.py run" ports: - containerPort: 8008 env: - name: SYNAPSE_CONFIG_PATH value: "/config/homeserver.yaml" - name: SYNAPSE_CONFIG_DIR value: "/config" - name: POSTGRES_PW valueFrom: secretKeyRef: name: {{ .Release.Name }}-postgres-config key: POSTGRES_PASSWORD volumeMounts: - name: data mountPath: "/data" - name: synapse-conf mountPath: "/config-ro" resources: requests: memory: {{.Values.resources.synapse.memory }} cpu: {{.Values.resources.synapse.cpu}} limits: memory: {{.Values.resources.synapse.memory}} cpu: {{.Values.resources.synapse.cpu}} volumes: - name: etcletsencrypt persistentVolumeClaim: claimName: {{ .Release.Name }}-synapse-letsencrypt-certs - name: data persistentVolumeClaim: claimName: {{ .Release.Name }}-data - name: nginx-config configMap: name: {{ .Release.Name }}-synapse-nginx-proxy - name: synapse-conf configMap: name: {{ .Release.Name }}-synapse-conf --- apiVersion: v1 kind: Service metadata: name: {{ .Release.Name }} labels: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: matrix-synapse spec: type: ClusterIP ports: - port: 80 name: http - port: 443 name: https selector: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: matrix-synapse