ungleich-k8s/apps/matrix
Nico Schottelius b0cb84f2a8 [matrix] ++note
2021-12-25 19:18:54 +01:00
..
element-web [matrix] update element-web config 2021-12-25 16:04:59 +01:00
element-web-nginx [matrix] update for element proxied 2021-12-24 15:22:37 +01:00
element-web-nginx-proxy [matrix] add well known ours to both servers 2021-12-25 17:59:12 +01:00
synapse [matrix] upgrade to allow db customisation + various fixes 2021-12-25 11:43:06 +01:00
synapse-nginx [matrix] add well known ours to both servers 2021-12-25 17:59:12 +01:00
templates [matrix] include checksums for config files of synapse/element 2021-12-25 18:54:51 +01:00
.helmignore starting matrix 2021-07-01 18:29:33 +02:00
Chart.yaml ++matrix 2021-07-17 20:12:27 +02:00
README.md [matrix] ++note 2021-12-25 19:18:54 +01:00
values.yaml [matrix] change to modifyable storage size/classes 2021-12-25 12:39:18 +01:00

Usage and Components

Note: as of 2021-12-25 this chart is available internally as apps/prod/matrix.

Sample usage

Setting up matrix for ...

  • the matrix domain "fn.nf"
  • the homeserver matrix.fnnf.svc.p10.k8s.ooo
  • element web on m.fn.nf

Using automatic DNS from the p10.k8s.ooo cluster:

helm upgrade --install --create-namespace --namespace fnnf \
    --set homeServerFQDN=fn.nf,elementWebFQDN=m.fn.nf,letsencryptStaging=no,clusterDomain=p10.k8s.ooo matrix matrix/

Setting up matrix.fn.nf in DNS

matrix CNAME matrix-element-web.fnnf.svc.p10.k8s.ooo.

Creating the two json files

  • /.well-known/matrix/server and
  • /.well-known/matrix/client on the fn.nf web server using the samples:
% curl -Ls https://m.fn.nf/.well-known/matrix/server > server
% curl -Ls https://m.fn.nf/.well-known/matrix/client > client

And finally creating a user:

kubectl -n fnnf exec -ti matrix-matrix-synapse-864c4bfb4-4h4cn -c synapse -- register_new_matrix_user http://localhost:8008 -c /config/homeserver.yaml -u admin -p ...  -a

Element-Web

  • Includes config.json that is being populated by values.yaml
  • Includes nginx on port localhost:8080 (http)
  • Includes nginx proxy on port 80+443 (http redirect, https)

The service is reachable as {{ .Release.Name }}-element-web.

Synapse

  • homeserver.yaml is created from a ConfigMap in /config-ro
  • homeserver.yaml is edited using sed to add the postgres password and stored in /config/homeserver.yaml
  • Logging configured to stdout

The service is reachable as {{ .Release.Name }}.

Postgres

Tuned with --no-locale --encoding=UTF8 using POSTGRES_INITDB_ARGS (required by synapse).

The service is reachable as {{ .Release.Name }}-postgres.

See

Missing

  • SMTP settings / secrets (ungleich mail + sops?)

admin user

docker exec -it synapse register_new_matrix_user http://localhost:8008 -c /data/homeserver.yaml --help

Resource configuration