infra/k8s/matrix/janky.solutions-homeserver.yaml

# Synapse homeserver for matrix.janky.solutions: a single-replica StatefulSet
# with a persistent `data` claim mounted at /data.
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: homeserver-janky-solutions
spec:
  serviceName: homeserver-janky-solutions
  replicas: 1
  selector:
    matchLabels:
      app: synapse
      instance: janky.solutions
  template:
    metadata:
      labels:
        app: synapse
        instance: janky.solutions
      annotations:
        # Scrape hints for Prometheus; 8000 is the `metrics` container port
        # declared on the synapse container below.
        prometheus.io/scrape: 'true'
        prometheus.io/port: '8000'
        prometheus.io/path: /_synapse/metrics
    spec:
      # Pod-level settings only: mounted volumes get group ownership 991,
      # re-applied only when the volume root does not already match.
      # NOTE(review): no container in this pod sets its own securityContext
      # (runAsNonRoot, allowPrivilegeEscalation, capabilities,
      # readOnlyRootFilesystem). fsGroup 991 suggests the server runs as a
      # non-root user - confirm how the image drops privileges before adding
      # them.
      # NOTE(review): automountServiceAccountToken is left at its default;
      # disable it if neither the init script nor Synapse calls the
      # Kubernetes API.
      securityContext:
        fsGroup: 991
        fsGroupChangePolicy: OnRootMismatch
      # Both init containers run /init/initialize-secrets.py (from the
      # secrets-init ConfigMap) with every key of the synapse-janky-solutions
      # Secret exported as an environment variable. The script is not shown
      # here; presumably it fills the named files into /data.
      initContainers:
        - name: initialize-homeserver-secrets
          # NOTE(review): no tag or digest, so this resolves to `latest` and
          # is re-pulled on every start - and this container sees the whole
          # Secret. Pin to a reviewed tag plus digest (image@sha256:<digest>).
          image: library/python
          command:
            - python
            - /init/initialize-secrets.py
            - homeserver.yaml
          envFrom:
            - secretRef:
                name: synapse-janky-solutions
          volumeMounts:
            - name: init
              mountPath: /init
            - name: data
              mountPath: /data
            - name: config
              mountPath: /config
        - name: initialize-bridge-secrets
          # Same unpinned image as above; the same pinning note applies.
          image: library/python
          command:
            - python
            - /init/initialize-secrets.py
            - facebook.yaml
            - telegram.yaml
            - signal.yaml
          envFrom:
            - secretRef:
                name: synapse-janky-solutions
          volumeMounts:
            - name: init
              mountPath: /init
            - name: data
              mountPath: /data
            # The appservices ConfigMap is mounted at /config in this init
            # container, but at /appservices in the synapse container.
            - name: appservices
              mountPath: /config
      containers:
        - name: synapse
          # NOTE(review): `latest` is a mutable tag and defaults
          # imagePullPolicy to Always, so a restart can silently run a
          # different build. Pin to an immutable tag or digest.
          image: git.janky.solutions/jankysolutions/infra/synapse:latest
          # NOTE(review): no requests or limits on any container in this pod,
          # so it is scheduled as BestEffort and its memory use is uncapped.
          resources: {}
          env:
            - name: SYNAPSE_SERVER_NAME
              value: matrix.janky.solutions
            # Quoted so YAML keeps the string "no" instead of a boolean.
            - name: SYNAPSE_REPORT_STATS
              value: 'no'
            - name: TZ
              value: America/Los_Angeles
            # Database credentials come from a Secret rather than being
            # inlined; the name looks like the one the Zalando
            # postgres-operator generates for role `matrix` - confirm.
            - name: PGUSER
              valueFrom:
                secretKeyRef:
                  name: matrix.janky-solutions-homeserver-database.credentials.postgresql.acid.zalan.do
                  key: username
            - name: PGPASSWORD
              valueFrom:
                secretKeyRef:
                  name: matrix.janky-solutions-homeserver-database.credentials.postgresql.acid.zalan.do
                  key: password
          ports:
            - name: http
              containerPort: 8008
            - name: metrics
              containerPort: 8000
          volumeMounts:
            - name: data
              mountPath: /data
            - name: config
              mountPath: /config
            # Same Secret the init containers receive via envFrom, exposed
            # here as files instead.
            - name: secrets
              mountPath: /secrets
            - name: appservices
              mountPath: /appservices
      volumes:
        - name: config
          configMap:
            name: synapse-janky-solutions
        - name: appservices
          configMap:
            name: appservices-janky-solutions
        - name: init
          configMap:
            name: secrets-init
        - name: secrets
          secret:
            secretName: synapse-janky-solutions
  volumeClaimTemplates:
    - metadata:
        name: data
      spec:
        accessModes:
          - ReadWriteOnce
        resources:
          requests:
            storage: 20Gi
---
# In-cluster Service for Synapse's HTTP listener. Only port 8008 is
# published; the pods' metrics port (8000) is not part of this Service.
apiVersion: v1
kind: Service
metadata:
  name: homeserver-janky-solutions
spec:
  selector:
    app: synapse
    instance: janky.solutions
  ports:
    # No targetPort is given, so traffic goes to the same port number (8008)
    # on the selected pods.
    - name: http
      port: 8008
---
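# Public entry point for matrix.janky.solutions, routed to the Synapse
# Service's `http` port.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: homeserver-janky-solutions
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt
spec:
  # cert-manager only issues a certificate for hosts listed under spec.tls;
  # the cluster-issuer annotation on its own requests nothing, which would
  # leave this host on plain HTTP or the controller's default certificate.
  tls:
    - hosts:
        - matrix.janky.solutions
      # Secret name chosen during review (not an existing object);
      # cert-manager creates and renews it. Rename to local convention.
      secretName: homeserver-janky-solutions-tls
  rules:
    - host: matrix.janky.solutions
      http:
        paths:
          # NOTE(review): Prefix "/" forwards every path to Synapse,
          # including the admin API under /_synapse/admin, which Synapse's
          # reverse-proxy guidance advises against exposing publicly. Narrow
          # the paths or block that prefix at the ingress if remote admin
          # access is not needed.
          - path: /
            pathType: Prefix
            backend:
              service:
                name: homeserver-janky-solutions
                port:
                  name: http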
---
# PostgreSQL cluster for Synapse, managed by the Zalando postgres-operator
# (acid.zalan.do/v1).
apiVersion: acid.zalan.do/v1
kind: postgresql
metadata:
  name: janky-solutions-homeserver-database
spec:
  teamId: matrix
  numberOfInstances: 2
  postgresql:
    version: '16'
  volume:
    size: 10Gi
  resources:
    # Only limits are declared; requests are left to the operator's
    # defaults.
    limits:
      cpu: '4'
      memory: 4Gi
  users:
    # A role literally named `superuser` holding SUPERUSER and CREATEDB.
    # NOTE(review): confirm this role is still needed; its password lands
    # in a generated Secret like any other role's.
    superuser:
      - superuser
      - createdb
    # Application role with no extra flags.
    matrix: []
  databases:
    # database name: owning role
    matrix: matrix
  patroni:
    initdb:
      # Synapse's documented requirement: UTF8 encoding with C collation.
      encoding: UTF8
      locale: C
    # pg_hba rules are evaluated top to bottom and the first match wins.
    pg_hba:
      # Unix-socket connections inside the database container need no
      # password, for any role.
      - 'local all all trust'
      - 'hostssl all +zalandos 127.0.0.1/32 pam'
      - 'host all all 127.0.0.1/32 md5'
      - 'hostssl all +zalandos ::1/128 pam'
      - 'host all all ::1/128 md5'
      - 'local replication standby trust'
      - 'hostssl replication standby all md5'
      # Every remaining non-TLS TCP connection is refused here.
      - 'hostnossl all all all reject'
      - 'hostssl all +zalandos all pam'
      # TLS password logins are accepted from any source address.
      # NOTE(review): `md5` still permits MD5-hashed passwords; prefer
      # scram-sha-256 once all role passwords are stored as SCRAM.
      - 'hostssl all all all md5'
      # NOTE(review): unreachable - TLS connections match the rule above and
      # non-TLS ones hit the earlier reject. If it was meant to allow
      # plaintext connections it does not; delete it rather than reorder,
      # so a later edit cannot enable password logins without TLS.
      - 'host all all all md5'
---
# Publishes the PostgreSQL primary (spilo-role: master) on port 30003 of
# every cluster node.
# NOTE(review): anything that can reach a node address on 30003 reaches the
# database login, and this file's pg_hba rules accept TLS password logins
# from any source. Limit who can reach the port (node firewall or
# NetworkPolicy), or drop this Service if only in-cluster clients need the
# database. With the default externalTrafficPolicy the client address may be
# rewritten before it reaches PostgreSQL, so pg_hba address rules cannot be
# relied on to separate external from internal clients.
apiVersion: v1
kind: Service
metadata:
  name: janky-solutions-homeserver-database-nodeport
  # The only resource in this file that pins its namespace explicitly.
  namespace: matrix
spec:
  type: NodePort
  selector:
    k8s.home.finn.io: janky-solutions-homeserver-database
    spilo-role: master
  ports:
    # No targetPort is given, so traffic goes to 5432 on the selected pod.
    - name: postgresql
      port: 5432
      nodePort: 30003