diff --git a/synapse/main.yaml b/synapse/main.yaml index 77d8c73..128a578 100644 --- a/synapse/main.yaml +++ b/synapse/main.yaml @@ -63,65 +63,13 @@ metadata: helm.sh/chart: matrix-synapse-3.12.7 name: synapse-matrix-synapse stringData: - config.yaml: "## Registration ##\n\nregistration_shared_secret: \"8vqSOqEybW0NaKUj3hV1Ghs9\"\n\n## + config.yaml: "## Registration ##\n\nregistration_shared_secret: \"fqt6gDvDHnPriW5ICWu1DYYV\"\n\n## API Configuration ##\n\n## Database configuration ##\n\ndatabase:\n name: \"psycopg2\"\n \ args:\n user: \"synapse\"\n password: \"@@POSTGRES_PASSWORD@@\"\n database: - \"synapse\"\n host: \"synapse-postgresql\"\n port: 5432\n sslmode: \"prefer\"\n - \ cp_min: 5\n cp_max: 10\n \n\n## Redis configuration ##\n\nredis:\n enabled: - true\n host: \"redis-master.redis.svc.cluster.local\"\n port: 6379\n password: - \"@@REDIS_PASSWORD@@\"\n dbid: 2\n" ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: synapse - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 15.4.0 - helm.sh/chart: postgresql-12.12.10 - name: synapse-postgresql - namespace: synapse -spec: - ports: - - name: tcp-postgresql - nodePort: null - port: 5432 - targetPort: tcp-postgresql - selector: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: synapse - app.kubernetes.io/name: postgresql - sessionAffinity: None - type: ClusterIP ---- -apiVersion: v1 -kind: Service -metadata: - annotations: - service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: synapse - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 15.4.0 - helm.sh/chart: postgresql-12.12.10 - name: synapse-postgresql-hl - namespace: synapse -spec: - clusterIP: None - ports: - - name: tcp-postgresql - port: 5432 - targetPort: tcp-postgresql - publishNotReadyAddresses: true - selector: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: synapse - app.kubernetes.io/name: postgresql - type: ClusterIP + \"synapse\"\n host: \"cnpg-synapse-cluster-rw\"\n port: 5432\n sslmode: + \"prefer\"\n cp_min: 5\n cp_max: 10\n \n\n## Redis configuration ##\n\nredis:\n + \ enabled: true\n host: \"redis-master.redis.svc.cluster.local\"\n port: 6379\n + \ password: \"@@REDIS_PASSWORD@@\"\n dbid: 2\n" --- apiVersion: v1 kind: Service @@ -209,7 +157,7 @@ spec: metadata: annotations: checksum/config: 9c61c9bf443470644e1b27aa0b359e5985870a59151799de3b979ced6d1da6a3 - checksum/secrets: 61f2de7f57f7e600cdf1b31c1256b4f0c628dca5c6b9d35411aac779d3469f0b + checksum/secrets: c7392b4d6459b8ec3724069fe468971e9983663e284c1d1d2bb70c997be2600f labels: app.kubernetes.io/component: synapse app.kubernetes.io/instance: synapse @@ -235,7 +183,7 @@ spec: valueFrom: secretKeyRef: key: password - name: synapse + name: cnpg-synapse-cluster-app - name: REDIS_PASSWORD valueFrom: secretKeyRef: @@ -305,167 +253,6 @@ spec: persistentVolumeClaim: claimName: synapse-matrix-synapse --- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: synapse - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 15.4.0 - helm.sh/chart: postgresql-12.12.10 - name: synapse-postgresql - namespace: synapse -spec: - replicas: 1 - selector: - matchLabels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: synapse - app.kubernetes.io/name: postgresql - serviceName: synapse-postgresql-hl - template: - metadata: - labels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: synapse - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: postgresql - app.kubernetes.io/version: 15.4.0 - helm.sh/chart: postgresql-12.12.10 - name: synapse-postgresql - spec: - affinity: - nodeAffinity: null - podAffinity: null - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchLabels: - app.kubernetes.io/component: primary - app.kubernetes.io/instance: synapse - app.kubernetes.io/name: postgresql - topologyKey: kubernetes.io/hostname - weight: 1 - containers: - - env: - - name: BITNAMI_DEBUG - value: "false" - - name: POSTGRESQL_PORT_NUMBER - value: "5432" - - name: POSTGRESQL_VOLUME_DIR - value: /bitnami/postgresql - - name: PGDATA - value: /bitnami/postgresql/data - - name: POSTGRES_USER - value: synapse - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: password - name: synapse - - name: POSTGRES_POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - key: postgres-password - name: synapse - - name: POSTGRES_DATABASE - value: synapse - - name: POSTGRES_INITDB_ARGS - value: --lc-collate=C --lc-ctype=C - - name: POSTGRESQL_ENABLE_LDAP - value: "no" - - name: POSTGRESQL_ENABLE_TLS - value: "no" - - name: POSTGRESQL_LOG_HOSTNAME - value: "false" - - name: POSTGRESQL_LOG_CONNECTIONS - value: "false" - - name: POSTGRESQL_LOG_DISCONNECTIONS - value: "false" - - name: POSTGRESQL_PGAUDIT_LOG_CATALOG - value: "off" - - name: POSTGRESQL_CLIENT_MIN_MESSAGES - value: error - - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES - value: pgaudit - image: docker.io/bitnamilegacy/postgresql:15.9.0-debian-12-r0 - imagePullPolicy: IfNotPresent - livenessProbe: - exec: - command: - - /bin/sh - - -c - - exec pg_isready -U "synapse" -d "dbname=synapse" -h 127.0.0.1 -p 5432 - failureThreshold: 6 - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - name: postgresql - ports: - - containerPort: 5432 - name: tcp-postgresql - readinessProbe: - exec: - command: - - /bin/sh - - -c - - -e - - | - exec pg_isready -U "synapse" -d "dbname=synapse" -h 127.0.0.1 -p 5432 - failureThreshold: 6 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - resources: - limits: {} - requests: - cpu: 250m - memory: 256Mi - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - runAsGroup: 0 - runAsNonRoot: true - runAsUser: 1001 - seccompProfile: - type: RuntimeDefault - volumeMounts: - - mountPath: /dev/shm - name: dshm - - mountPath: /bitnami/postgresql - name: data - hostIPC: false - hostNetwork: false - securityContext: - fsGroup: 1001 - serviceAccountName: default - volumes: - - emptyDir: - medium: Memory - name: dshm - updateStrategy: - rollingUpdate: {} - type: RollingUpdate - volumeClaimTemplates: - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: data - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 16Gi - storageClassName: openebs-3-replicas ---- apiVersion: batch/v1 kind: Job metadata: diff --git a/synapse/src/values.yaml b/synapse/src/values.yaml index 10b2827..6726c30 100644 --- a/synapse/src/values.yaml +++ b/synapse/src/values.yaml @@ -782,7 +782,7 @@ wellknown: ## enabled to false and configure the externalPostgresql block. ## postgresql: - enabled: true + enabled: false image: repository: bitnamilegacy/postgresql tag: 15.9.0-debian-12-r0 @@ -815,16 +815,16 @@ postgresql: ## that the database needs to have both COLLATE and CTYPE set to "C". ## externalPostgresql: - # host: postgres + host: cnpg-synapse-cluster-rw port: 5432 username: synapse # password: synapse ## The name of an existing secret with postgresql credentials - # existingSecret: postgres-secrets + existingSecret: cnpg-synapse-cluster-app ## Password key to be retrieved from existing secret - # existingSecretPasswordKey: postgres-password + existingSecretPasswordKey: password database: synapse # sslmode: prefer