ungleich-k8s

History

Nico Schottelius ab321f9558 [matrix] cleanup README, integrate well known urls 1/2		2021-12-25 17:34:19 +01:00
..
element-web	[matrix] update element-web config	2021-12-25 16:04:59 +01:00
element-web-nginx	[matrix] update for element proxied	2021-12-24 15:22:37 +01:00
element-web-nginx-proxy	[matrix] cleanup README, integrate well known urls 1/2	2021-12-25 17:34:19 +01:00
synapse	[matrix] upgrade to allow db customisation + various fixes	2021-12-25 11:43:06 +01:00
synapse-nginx	[matrix] update all but DB config	2021-12-25 10:53:35 +01:00
templates	[matrix] cleanup README, integrate well known urls 1/2	2021-12-25 17:34:19 +01:00
.helmignore	starting matrix	2021-07-01 18:29:33 +02:00
Chart.yaml	++matrix	2021-07-17 20:12:27 +02:00
README.md	[matrix] cleanup README, integrate well known urls 1/2	2021-12-25 17:34:19 +01:00
values.yaml	[matrix] change to modifyable storage size/classes	2021-12-25 12:39:18 +01:00

README.md

Components

element-web

Needs config: /app/config.json
Needs FQDN for HTTPS / nginx
Maybe limit the builtin webserver to localhost?
- Configmap to /etc/nginx/conf.d/default.conf
- Entrypoint nginx -g daemon offD

To add:

add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Content-Security-Policy "frame-ancestors 'none'";

Missing

SMTP settings / secrets (ungleich mail + sops?)

admin user

docker exec -it synapse register_new_matrix_user http://localhost:8008 -c /data/homeserver.yaml --help

Usage

Element-Web

Includes config.json that is being populated by values.yaml
Includes nginx on port localhost:8080 (http)
Includes nginx proxy on port 80+443 (http redirect, https)

Synapse

homeserver.yaml is created from a ConfigMap in /config-ro
homeserver.yaml is edited using sed to add the postgres password and stored in /config/homeserver.yaml
Logging configured to stdout

Postgres

Tuned with --no-locale --encoding=UTF8 using POSTGRES_INITDB_ARGS (required by synapse).

See