99 lines
3.6 KiB
YAML
99 lines
3.6 KiB
YAML
---
|
|
# tasks file for ansible-role-matrix-stack
|
|
- name: Deploy Matrix Stack
|
|
kubernetes.core.helm:
|
|
name: matrix
|
|
chart_ref: oci://ghcr.io/element-hq/ess-helm/matrix-stack
|
|
release_namespace: "{{ release_namespace }}"
|
|
create_namespace: true
|
|
values:
|
|
certManager:
|
|
clusterIssuer: ca-issuer
|
|
serverName: "{{ server_name }}"
|
|
ingress:
|
|
className: nginx
|
|
annotations:
|
|
nginx.ingress.kubernetes.io/configuration-snippet: proxy_intercept_errors off;
|
|
initSecrets:
|
|
enabled: true
|
|
serviceAccount:
|
|
## Whether a ServiceAccount should be created by the chart or not
|
|
create: true
|
|
|
|
## What name to give the ServiceAccount. If not provided the chart will provide the name automatically
|
|
name: ""
|
|
|
|
## Annotations to add to the service account
|
|
annotations: {}
|
|
|
|
matrixRTC:
|
|
ingress:
|
|
host: rtc.eom.dev
|
|
|
|
elementWeb:
|
|
ingress:
|
|
host: element.eom.dev
|
|
|
|
matrixAuthenticationService:
|
|
|
|
## Additional configuration to provide to Matrix Authentication Service.
|
|
## Each key under additional is an additional config to merge into Matrix Authentication Service config.yaml
|
|
## Full details on available configuration options can be found at https://element-hq.github.io/matrix-authentication-service/reference/configuration.html
|
|
## This can be provided in-line in the Helm Chart and/or via an existing Secret
|
|
## e.g.
|
|
## additional:
|
|
## 0-customConfig:
|
|
## config: |
|
|
## <any valid configuration>
|
|
## 1-customConfig:
|
|
## configSecret: custom-config
|
|
## configSecretKey: shared.yaml
|
|
##
|
|
## Most settings are configurable but some settings are owned by the chart and can't overwritten
|
|
additional: {}
|
|
ingress:
|
|
host: mas.eom.dev
|
|
postgres:
|
|
storage:
|
|
size: 2Ti
|
|
|
|
synapse:
|
|
## Configures the media store for Synapse
|
|
media:
|
|
## Configures the PersistentVolumeClaim to be used for storage
|
|
storage:
|
|
## Name of an existing PersistentVolumeClaim in this namespace that should be used
|
|
# existingClaim:
|
|
|
|
## The size of a PersistentVolumeClaim to be constructed
|
|
## Ignored if existingClaim is provided
|
|
size: 256Gi
|
|
|
|
## The StorageClass to be used by the constructed PersistentVolumeClaim.
|
|
## Will use the cluster default if not provided
|
|
## Ignored if existingClaim is provided
|
|
# storageClass:
|
|
|
|
## Whether to instruct Helm to keep or delete the constructed PersistentVolumeClaim when uninstalling the chart
|
|
## Ignored if existingClaim is provided
|
|
resourcePolicy: keep
|
|
|
|
## The maximum size (in bytes ending in M or K) that Synapse will accept for media uploads
|
|
## You may need to adjust your ingress controller to also allow uploads of this size
|
|
maxUploadSize: 100M
|
|
## Key used to sign events and federation requests.
|
|
## This needs to be the full signing key starting `ed25519 ...`.
|
|
## This secret is optional, and will be generated by the `initSecrets` job
|
|
## if it is empty.
|
|
## It can either be provided inline in the Helm chart e.g.:
|
|
## signingKey:
|
|
## value: SecretValue
|
|
##
|
|
## Or it can be provided via an existing Secret e.g.:
|
|
## signingKey:
|
|
## secret: existing-secret
|
|
## secretKey: key-in-secret
|
|
signingKey: {}
|
|
ingress:
|
|
host: synapse.eom.dev
|