Updated configurations
This commit is contained in:
parent
eed66cd183
commit
8c2356d303
109
tasks/main.yml
109
tasks/main.yml
@ -51,51 +51,38 @@
|
|||||||
##
|
##
|
||||||
## Most settings are configurable but some settings are owned by the chart and can't overwritten
|
## Most settings are configurable but some settings are owned by the chart and can't overwritten
|
||||||
additional:
|
additional:
|
||||||
email:
|
0-customConfig:
|
||||||
from: '"Matrix Authentication Service" <matrix-authentication-service@eom.dev>'
|
config: |
|
||||||
reply_to: '"No reply" <no-reply@eom.dev>'
|
email:
|
||||||
transport: smtp
|
from: '"Matrix Authentication Service" <matrix-authentication-service@eom.dev>'
|
||||||
mode: tls
|
reply_to: '"No reply" <no-reply@eom.dev>'
|
||||||
hostname: postfix.eom.dev
|
transport: smtp
|
||||||
port: 587
|
mode: tls
|
||||||
username: matrix-authentication-service
|
hostname: postfix.eom.dev
|
||||||
password: "{{ matrix_auth_service_admin_password }}"
|
port: 587
|
||||||
upstream_oauth2:
|
username: matrix-authentication-service
|
||||||
providers:
|
password: "{{ matrix_auth_service_admin_password }}"
|
||||||
- id: 01JG22H4F0G8PYCZ5HVTQVHBC4
|
upstream_oauth2:
|
||||||
issuer: https://google.com/
|
providers:
|
||||||
client_id: "{{ matrix_google_oidc_client_id }}"
|
- id: 01JG22H4F0G8PYCZ5HVTQVHBC4
|
||||||
client_secret: "{{ matrix_google_oidc_client_secret }}"
|
human_name: Google
|
||||||
token_endpoint_auth_method: client_secret_basic
|
brand_name: google
|
||||||
discovery_mode: oidc
|
issuer: https://accounts.google.com
|
||||||
claims_imports:
|
client_id: "{{ matrix_google_oidc_client_id }}"
|
||||||
subject:
|
client_secret: "{{ matrix_google_oidc_client_secret }}"
|
||||||
template: "{{ '{{ user.sub }}' | quote }}"
|
token_endpoint_auth_method: client_secret_post
|
||||||
|
scope: openid profile email
|
||||||
# -- The localpart is the local part of the user's Matrix ID.
|
claims_imports:
|
||||||
# For example, on the `example.com` server, if the localpart is `alice`,
|
localpart:
|
||||||
# the user's Matrix ID will be `@alice:example.com`.
|
action: ignore
|
||||||
localpart:
|
displayname:
|
||||||
action: require
|
action: require
|
||||||
template: "{{ '{{ user.preferred_username }}' | quote }}"
|
template: "{{ '{{ user.name }}' }}"
|
||||||
|
email:
|
||||||
# -- The display name is the user's display name.
|
action: require
|
||||||
displayname:
|
template: "{{ '{{ user.email }}' }}"
|
||||||
action: suggest
|
account_name:
|
||||||
template: "{{ '{{ user.name }}' | quote }}"
|
template: "{{ '{{ user.email }}' }}"
|
||||||
|
|
||||||
# -- An email address to import.
|
|
||||||
email:
|
|
||||||
action: suggest
|
|
||||||
template: "{{ '{{ user.email }}' | quote }}"
|
|
||||||
# -- Whether the email address must be marked as verified.
|
|
||||||
# Possible values are:
|
|
||||||
# - `import`: mark the email address as verified if the upstream provider
|
|
||||||
# has marked it as verified, using the `email_verified` claim.
|
|
||||||
# This is the default.
|
|
||||||
# - `always`: mark the email address as verified
|
|
||||||
# - `never`: mark the email address as not verified
|
|
||||||
set_email_verification: import
|
|
||||||
ingress:
|
ingress:
|
||||||
host: mas.eom.dev
|
host: mas.eom.dev
|
||||||
postgres:
|
postgres:
|
||||||
@ -112,7 +99,7 @@
|
|||||||
|
|
||||||
## The size of a PersistentVolumeClaim to be constructed
|
## The size of a PersistentVolumeClaim to be constructed
|
||||||
## Ignored if existingClaim is provided
|
## Ignored if existingClaim is provided
|
||||||
size: 256Gi
|
size: 2Ti
|
||||||
|
|
||||||
## The StorageClass to be used by the constructed PersistentVolumeClaim.
|
## The StorageClass to be used by the constructed PersistentVolumeClaim.
|
||||||
## Will use the cluster default if not provided
|
## Will use the cluster default if not provided
|
||||||
@ -126,26 +113,16 @@
|
|||||||
## The maximum size (in bytes ending in M or K) that Synapse will accept for media uploads
|
## The maximum size (in bytes ending in M or K) that Synapse will accept for media uploads
|
||||||
## You may need to adjust your ingress controller to also allow uploads of this size
|
## You may need to adjust your ingress controller to also allow uploads of this size
|
||||||
maxUploadSize: 100M
|
maxUploadSize: 100M
|
||||||
## Key used to sign events and federation requests.
|
|
||||||
## This needs to be the full signing key starting `ed25519 ...`.
|
|
||||||
## This secret is optional, and will be generated by the `initSecrets` job
|
|
||||||
## if it is empty.
|
|
||||||
## It can either be provided inline in the Helm chart e.g.:
|
|
||||||
## signingKey:
|
|
||||||
## value: SecretValue
|
|
||||||
##
|
|
||||||
## Or it can be provided via an existing Secret e.g.:
|
|
||||||
## signingKey:
|
|
||||||
## secret: existing-secret
|
|
||||||
## secretKey: key-in-secret
|
|
||||||
signingKey: {}
|
|
||||||
ingress:
|
ingress:
|
||||||
host: synapse.eom.dev
|
host: synapse.eom.dev
|
||||||
custom-config:
|
additional:
|
||||||
config: |
|
1-custom-config:
|
||||||
smtp_host: postfix.eom.dev
|
config: |
|
||||||
smtp_port: 587
|
smtp_host: postfix.eom.dev
|
||||||
smtp_user: synapse
|
smtp_port: 587
|
||||||
smtp_pass: {{ synapse_admin_password }}
|
smtp_user: synapse
|
||||||
client_base_url: https://element.eom.dev/
|
smtp_pass: {{ synapse_admin_password }}
|
||||||
|
client_base_url: https://element.eom.dev/
|
||||||
|
auto_join_rooms:
|
||||||
|
- "#general:eom.dev"
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user