diff --git a/README.md b/README.md index b75d0e3f..87c1713f 100644 --- a/README.md +++ b/README.md @@ -25,35 +25,34 @@ helm show values matrix/matrix > values.yaml helm install my-release-name matrix/matrix --values values.yaml ``` -**NOTE: The most important helm parameter is `matrix.hostname`. Without it, this chart may not work!** +> [!IMPORTANT] +> The most important helm parameter is `matrix.hostname`. Without it, this chart may not work!** + +> [!WARNING] +> This chart used to support the Sliding Sync Proxy, but as it is deprecated, we no longer support it. See this [matrix blog post](https://matrix.org/blog/2024/11/14/moving-to-native-sliding-sync/) for more info. ## Current Features ✨ - Latest version of [Synapse](https://github.com/element-hq/synapse) (the official matrix homeserver) -- Ingress definitions for federated Synapse (Matrix homeserver) and Element (client for matrix) +- Ingress definitions for federated Synapse (aka Matrix homeserver) and Element (default client for matrix) ### Optional Features -- Use (existing) Kubernetes Secrets for confidential data, such as passwords -- Use OIDC configs for SSO either directly via synapse (see [docs](https://github.com/element-hq/synapse/blob/develop/docs/openid.md) for more info) or via MAS +- Use existing Persistent Volume Claims +- Use existing Kubernetes Secrets for confidential data, such as passwords +- Use OIDC configs for SSO either directly via Synapse (see [docs](https://github.com/element-hq/synapse/blob/develop/docs/openid.md) for more info) or via MAS - Use MAS ([matrix-org/matrix-authentication-service](https://github.com/matrix-org/matrix-authentication-service)) via [matrix-authentication-service-chart](https://github.com/small-hack/matrix-authentication-service-chart) as a sub chart for using [element-x] which recommends for OIDC auth - Latest version of the [Element web app](https://element.io/) to provide a web interface for chat (you can disable this and still use element apps) -- [Coturn TURN server subchart](https://github.com/small-hack/coturn-chart) for VoIP calls - Use s3 to store media using [element-hq/synapse-s3-storage-provider](https://github.com/matrix-org/synapse-s3-storage-provider/tree/main) -- Use existing Kubernetes Secrets and existing Persistent Volume Claims -- [mautrix/discord](https://github.com/mautrix/discord) - Discord bridge for syncing between matrix and Discord - [small-hack/matrix-alertmanager](https://github.com/small-hack/matrix-alertmanager) - Prometheus Alertmanager bridge for syncing between matrix and Alertmanager - -#### Features that may not be needed anymore - -- Use [matrix-sliding-sync-chart](https://github.com/small-hack/matrix-sliding-sync-chart) as a sub chart for using [element-x] which requires [matrix-org/sliding-sync](https://github.com/matrix-org/sliding-sync) (Note: as of Synapse [v1.114.0](https://github.com/element-hq/synapse/releases/tag/v1.114.0) you can now use simplified sliding sync, which doesn't require the separate proxy chart [more info here](https://matrix.org/blog/2024/10/29/matrix-2.0-is-here/#1-simplified-sliding-sync)) - #### ⚠️ Untested Features -These features still need to be tested, but are technically baked into the chart from the fork: +These features still need to be tested, but are technically baked into the chart from the fork or from previous versions of this chart: +- [mautrix/discord](https://github.com/mautrix/discord) - Discord bridge for syncing between matrix and Discord (we no longer test this directly but we're open to PRs to improve support!) +- [Coturn TURN server subchart](https://github.com/small-hack/coturn-chart) for VoIP calls (may not be needed in Matrix 2.0 API) - Use of lightweight Exim relay - [matrix-org/matrix-appservice-irc](https://github.com/matrix-org/matrix-appservice-irc) IRC bridge - [tulir/mautrix-whatsapp](https://github.com/tulir/mautrix-whatsapp) WhatsApp bridge @@ -65,7 +64,6 @@ These features still need to be tested, but are technically baked into the chart * [Federation](#federation) * [Federation not Working](#federation-not-working) * [Addiing Trusted Key Servers from an existing Secret](#addiing-trusted-key-servers-from-an-existing-secret) -* [Notes on using Matrix Sliding Sync](#notes-on-using-matrix-sliding-sync) * [Notes on using MAS (Matrix Authentication Service)](#notes-on-using-mas-matrix-authentication-service) * [Bridges](#bridges) * [Alertmanager](#alertmanager) @@ -200,50 +198,6 @@ stringData: ed25519:auto: abcdefghijklmnopqrstuvwxyz1234567890 ``` -## Notes on using Matrix Sliding Sync - -To use [sliding sync](https://github.com/matrix-org/sliding-sync), which is required for [element-x], you'll need to ensure that requests to `.well-known/matrix/client` return the [correct json](https://github.com/matrix-org/sliding-sync/blob/main/README.md). To do that, you'll want update your `matrix.extra_well_known_client_content` values and set `syncv3.enabled` to `true`. Example below: - -```yaml -matrix: - hostname: my-synapse-hostname.com - extra_well_known_client_content: - "org.matrix.msc3575.proxy": - "url": "https://your-sliding-sync-hostname.com" - - -syncv3: - # this enables this subchart: https://github.com/small-hack/matrix-sliding-sync-chart - # which deploys this: https://github.com/matrix-org/sliding-sync - enabled: true - server: "https://my-synapse-hostname.com" - secret: "this.is.a.test.secret" - bindaddr: "127.0.0.1:8008" - # note: you'll still have to actually fill out parameters - # under slidingSync.postgresql, but it is truncated here for brevity - # check out values.yaml for all possible slidingSync.postgresql values - postgresql: - enabled: true -``` - -After synapse is up, you should be able to verify it's returning correctly by doing: - -```console -$ curl https://matrix.example.com/.well-known/matrix/client | jq - % Total % Received % Xferd Average Speed Time Time Time Current - Dload Upload Total Spent Left Speed -100 136 100 136 0 0 1818 0 --:--:-- --:--:-- --:--:-- 1837 -{ - "m.homeserver": { - "base_url": "https://matrix.example.com" - }, - "org.matrix.msc3575.proxy": { - "url": "https://matrix.example.com" - } -} - -``` - ## Notes on using MAS (Matrix Authentication Service) MAS is currently the only way to use OIDC with [element-x]. If you're using MAS (Matrix Authentication Service), you'll need to set `mas.enabled` to `true`. You'll also need to setup proper routes for synapse to redirect to MAS. See example below: @@ -561,4 +515,3 @@ Our goal is to provide regular updates using renovatebot and provide some level [element-x]: https://element.io/labs/element-x "element x link" -[sliding sync]: https://github.com/matrix-org/sliding-sync "matrix sliding sync" diff --git a/charts/matrix/Chart.lock b/charts/matrix/Chart.lock index 4e494324..f6a5dec7 100644 --- a/charts/matrix/Chart.lock +++ b/charts/matrix/Chart.lock @@ -5,11 +5,8 @@ dependencies: - name: coturn repository: https://small-hack.github.io/coturn-chart version: 7.0.4 -- name: matrix-sliding-sync - repository: https://small-hack.github.io/matrix-sliding-sync-chart - version: 1.2.0 - name: matrix-authentication-service repository: https://small-hack.github.io/matrix-authentication-service-chart version: 1.1.0 -digest: sha256:c6892321cbd9487d6b3f5cc6397d211f4cbdaa30f50372647d2fe4c725ddf118 -generated: "2024-12-15T13:18:44.882396843Z" +digest: sha256:af15ea88fa54b0f325f5a2ae16bdc5c246d3f3dce81e72d2ae90630d876533bc +generated: "2024-12-15T14:23:06.762902+01:00" diff --git a/charts/matrix/Chart.yaml b/charts/matrix/Chart.yaml index 6a4c336f..f0e6ec57 100644 --- a/charts/matrix/Chart.yaml +++ b/charts/matrix/Chart.yaml @@ -8,10 +8,10 @@ sources: type: application -version: 17.4.0 +version: 18.0.0 -# renovate: image=matrixdotorg/synapse -appVersion: v1.117.0 +# renovate: image=ghcr.io/element-hq/synapse +appVersion: v1.121.1 maintainers: - name: "jessebot" @@ -28,12 +28,6 @@ dependencies: repository: https://small-hack.github.io/coturn-chart condition: coturn.enabled - - name: matrix-sliding-sync - version: 1.2.0 - repository: https://small-hack.github.io/matrix-sliding-sync-chart - alias: syncv3 - condition: syncv3.enabled - - name: matrix-authentication-service alias: mas version: 1.1.0 diff --git a/charts/matrix/README.md b/charts/matrix/README.md index c015def8..4b742706 100644 --- a/charts/matrix/README.md +++ b/charts/matrix/README.md @@ -1,6 +1,6 @@ # matrix -![Version: 17.4.0](https://img.shields.io/badge/Version-17.4.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.117.0](https://img.shields.io/badge/AppVersion-v1.117.0-informational?style=flat-square) +![Version: 18.0.0](https://img.shields.io/badge/Version-18.0.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v1.121.1](https://img.shields.io/badge/AppVersion-v1.121.1-informational?style=flat-square) A Helm chart to deploy a Matrix homeserver stack on Kubernetes @@ -22,7 +22,6 @@ A Helm chart to deploy a Matrix homeserver stack on Kubernetes |------------|------|---------| | https://small-hack.github.io/coturn-chart | coturn | 7.0.4 | | https://small-hack.github.io/matrix-authentication-service-chart | mas(matrix-authentication-service) | 1.1.0 | -| https://small-hack.github.io/matrix-sliding-sync-chart | syncv3(matrix-sliding-sync) | 1.2.0 | | oci://registry-1.docker.io/bitnamicharts | postgresql | 16.3.1 | ## Values @@ -285,7 +284,7 @@ A Helm chart to deploy a Matrix homeserver stack on Kubernetes | bridges.hookshot.existingSecret.registration | string | `""` | optionally use existing kubernetes Secret for registration | | bridges.hookshot.image.pullPolicy | string | `"IfNotPresent"` | hookshot bridge docker image pull policy. If tag is "latest", set tag to "Always" | | bridges.hookshot.image.repository | string | `"halfshot/matrix-hookshot"` | hookshot bridge docker image | -| bridges.hookshot.image.tag | string | `"6.0.0"` | hookshot bridge docker image tag | +| bridges.hookshot.image.tag | string | `"6.0.1"` | hookshot bridge docker image tag | | bridges.hookshot.passkey | string | `""` | If bridges.hookshot.passkey AND bridges.hookshot.existingSecret.passkey are BOTH empty strings, we will generate a passkey for you. To Generate yourself: openssl genpkey -out passkey.pem -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:4096 | | bridges.hookshot.podSecurityContext | object | `{}` | hookshot pod security context | | bridges.hookshot.registration.existingSecret | string | `""` | | @@ -824,58 +823,6 @@ A Helm chart to deploy a Matrix homeserver stack on Kubernetes | synapse.service.federation.type | string | `"ClusterIP"` | | | synapse.service.port | int | `80` | service port for synapse | | synapse.service.type | string | `"ClusterIP"` | service type for synpase | -| syncv3.enabled | bool | `false` | enable the sliding sync proxy (required for using element-x if using Synapse older than v1.114). You can see all possible values [here](https://github.com/small-hack/matrix-sliding-sync-chart). If enabled, you must also provide `matrix.extra_well_known_client_content`. After Synapse v1.114, this is no longer required. Learn more in the matrix [blog post](https://matrix.org/blog/2024/10/29/matrix-2.0-is-here/#1-simplified-sliding-sync) | -| syncv3.existingEnvSecret | string | `""` | existing kubernetes secret for ALL syncv3 env vars listed below. if set, ignores all values under syncv3 including syncv3.db and syncv3.otlp. | -| syncv3.externalDatabase.database | string | `"syncv3"` | name of the database to try and connect to | -| syncv3.externalDatabase.enabled | bool | `false` | enable using an external database *instead of* the Bitnami PostgreSQL sub-chart if externalDatabase.enabled is set to true, postgresql.enabled must be set to false | -| syncv3.externalDatabase.hostname | string | `""` | hostname of db server. Can be left blank if using postgres subchart | -| syncv3.externalDatabase.password | string | `"changeme"` | password of matrix-sliding-sync postgres user - ignored using exsitingSecret | -| syncv3.externalDatabase.port | int | `5432` | which port to use to connect to your database server | -| syncv3.externalDatabase.sslcert | string | `""` | optional: tls/ssl cert for postgresql connections | -| syncv3.externalDatabase.sslkey | string | `""` | optional: tls/ssl key for postgresql connections | -| syncv3.externalDatabase.sslmode | string | `""` | sslmode to use, example: verify-full | -| syncv3.externalDatabase.sslrootcert | string | `""` | optional: tls/ssl root cert for postgresql connections | -| syncv3.externalDatabase.username | string | `"syncv3"` | username of matrix-sliding-sync postgres user | -| syncv3.ingress.annotations | object | `{}` | | -| syncv3.ingress.className | string | `""` | | -| syncv3.ingress.enabled | bool | `false` | | -| syncv3.ingress.hosts[0].host | string | `"chart-example.local"` | | -| syncv3.ingress.hosts[0].paths[0].path | string | `"/"` | | -| syncv3.ingress.hosts[0].paths[0].pathType | string | `"ImplementationSpecific"` | | -| syncv3.ingress.tls | list | `[]` | | -| syncv3.networkPolicies.enabled | bool | `true` | whether to enable kubernetes network policies or not | -| syncv3.postgresql.enabled | bool | `false` | Whether to deploy the Bitnami Postgresql sub chart If postgresql.enabled is set to true, externalDatabase.enabled must be set to false else if externalDatabase.enabled is set to true, postgresql.enabled must be set to false | -| syncv3.postgresql.global.postgresql.auth.database | string | `"syncv3"` | name of the database | -| syncv3.postgresql.global.postgresql.auth.existingSecret | string | `""` | Name of existing secret to use for PostgreSQL credentials | -| syncv3.postgresql.global.postgresql.auth.password | string | `"changeme"` | password of matrix-sliding-sync postgres user - ignored using exsitingSecret | -| syncv3.postgresql.global.postgresql.auth.port | int | `5432` | which port to use to connect to your database server | -| syncv3.postgresql.global.postgresql.auth.secretKeys.adminPasswordKey | string | `"postgresPassword"` | key in existingSecret with the admin postgresql password | -| syncv3.postgresql.global.postgresql.auth.secretKeys.database | string | `"database"` | key in existingSecret with name of the database | -| syncv3.postgresql.global.postgresql.auth.secretKeys.databaseHostname | string | `"hostname"` | key in existingSecret with hostname of the database | -| syncv3.postgresql.global.postgresql.auth.secretKeys.databaseUsername | string | `"username"` | key in existingSecret with username for matrix to connect to db | -| syncv3.postgresql.global.postgresql.auth.secretKeys.userPasswordKey | string | `"password"` | key in existingSecret with password for matrix to connect to db | -| syncv3.postgresql.global.postgresql.auth.username | string | `"syncv3"` | username of matrix-sliding-sync postgres user | -| syncv3.postgresql.persistence.enabled | bool | `false` | | -| syncv3.postgresql.volumePermissions.enabled | bool | `true` | Enable init container that changes the owner and group of the PVC | -| syncv3.syncv3.bindaddr | string | `"0.0.0.0:8008"` | SYNCV3_BINDADDR - The interface and port to listen on. (Supports unix socket: /path/to/socket) | -| syncv3.syncv3.db | string | `""` | SYNCV3_DB - db connection string: https://www.postgresql.org/docs/current/libpq-connect.html if db is empty, you must either provide postgresql or externalDatabase parameters, OR set syncv3.existingDbSecret and syncv3.dbSecretKey | -| syncv3.syncv3.dbSecretKey | string | `"SYNCV3_DB"` | db key in existing Db Secret for | -| syncv3.syncv3.existingDbSecret | string | `""` | use an existing kubernetes secret for the db connection connection string. if set, ignores syncv3.db | -| syncv3.syncv3.existingSyncv3Secret | string | `""` | if set, we'll grab your SYNCV3_SECRET from an existing kubernetes secret and ignore syncv3.secret | -| syncv3.syncv3.logLevel | string | `"info"` | SYNCV3_LOG_LEVEL - The level of verbosity for messages logged. Available values are trace, debug, info, warn, error and fatal | -| syncv3.syncv3.maxDbConn | string | `""` | SYNCV3_MAX_DB_CONN - Default: unset. Max database connections to use when communicating with postgres. Unset or 0 means no limit. | -| syncv3.syncv3.otlp.existingSecret | string | `""` | | -| syncv3.syncv3.otlp.password | string | `""` | SYNCV3_OTLP_PASSWORD - Default: unset. The OTLP password for Basic auth. If unset, does not send an Authorization header. | -| syncv3.syncv3.otlp.url | string | `""` | SYNCV3_OTLP_URL - Default: unset. The OTLP HTTP URL to send spans to e.g https://localhost:4318 - if unset does not send OTLP traces. | -| syncv3.syncv3.otlp.username | string | `""` | SYNCV3_OTLP_USERNAME - Default: unset. The OTLP username for Basic auth. If unset, does not send an Authorization header. | -| syncv3.syncv3.pprof | string | `""` | SYNCV3_PPROF - Default: unset. The bind addr for pprof debugging e.g ':6060'. If not set, does not listen. | -| syncv3.syncv3.prom | string | `""` | SYNCV3_PROM - Default: unset. The bind addr for Prometheus metrics, which will be accessible at /metrics at this address. | -| syncv3.syncv3.secret | string | `""` | SYNCV3_SECRET - Required. A secret to use to encrypt access tokens. Must remain the same for the lifetime of the database. If both syncv3.secret and syncv3.existingSecret are not set, we will autogenerate this value | -| syncv3.syncv3.sentryDsn | string | `""` | SYNCV3_SENTRY_DSN - Default: unset. The Sentry DSN to report events to e.g https://sliding-sync@sentry.example.com/123 - if unset does not send sentry events. | -| syncv3.syncv3.server | string | `""` | SYNCV3_SERVER - Required. The destination homeserver to talk to (CS API HTTPS URL) e.g 'https://matrix-client.matrix.org' (Supports unix socket: /path/to/socket) | -| syncv3.syncv3.syncv3SecretKey | string | `"SYNCV3_SECRET"` | secret key to get synvcv3 secret from in existing kubernetes secret. | -| syncv3.syncv3.tlsCert | string | `""` | SYNCV3_TLS_CERT - Default: unset. Path to a certificate file to serve to HTTPS clients. Specifying this enables TLS on the bound address. | -| syncv3.syncv3.tlsKey | string | `""` | SYNCV3_TLS_KEY - Default: unset. Path to a key file for the certificate. Must be provided along with the certificate file. | | volumes.extraPipPackages.capacity | string | `"100Mi"` | Capacity of the extra pip packages PVC. Note: 1Mi is more than enough, but some cloud providers set a min PVC size of 1Mi or 1Gi, adjust as necessary | | volumes.extraPipPackages.existingClaim | string | `""` | name of an existing persistent volume claim for the extra pip packages | | volumes.extraPipPackages.storageClass | string | `""` | Storage class (optional) | diff --git a/charts/matrix/charts/matrix-sliding-sync-1.2.0.tgz b/charts/matrix/charts/matrix-sliding-sync-1.2.0.tgz deleted file mode 100644 index 97a12be8..00000000 Binary files a/charts/matrix/charts/matrix-sliding-sync-1.2.0.tgz and /dev/null differ diff --git a/charts/matrix/values.yaml b/charts/matrix/values.yaml index 97df1dbb..13de8a83 100644 --- a/charts/matrix/values.yaml +++ b/charts/matrix/values.yaml @@ -784,153 +784,6 @@ synapse: # -- optional: extra volume mounts for the matrix synapse deployment extraVolumeMounts: [] -# values for https://github.com/small-hack/matrix-sliding-sync-chart -syncv3: - # -- enable the sliding sync proxy (required for using element-x if using - # Synapse older than v1.114). You can see all possible values - # [here](https://github.com/small-hack/matrix-sliding-sync-chart). If enabled, - # you must also provide `matrix.extra_well_known_client_content`. - # After Synapse v1.114, this is no longer required. Learn more in the matrix - # [blog post](https://matrix.org/blog/2024/10/29/matrix-2.0-is-here/#1-simplified-sliding-sync) - enabled: false - postgresql: - # -- Whether to deploy the Bitnami Postgresql sub chart - # If postgresql.enabled is set to true, externalDatabase.enabled must be set to false - # else if externalDatabase.enabled is set to true, postgresql.enabled must be set to false - enabled: false - persistence: - enabled: false - - volumePermissions: - # -- Enable init container that changes the owner and group of the PVC - enabled: true - - global: - postgresql: - # global.postgresql.auth overrides postgresql.auth - auth: - # database credentials to use if you don't use an existingSecret - # -- username of matrix-sliding-sync postgres user - username: syncv3 - # -- password of matrix-sliding-sync postgres user - ignored using exsitingSecret - password: changeme - # -- which port to use to connect to your database server - port: 5432 - # -- name of the database - database: syncv3 - # -- Name of existing secret to use for PostgreSQL credentials - existingSecret: "" - # secretKeys to grab from existingSecret - # if postgresql.existingSecret is provided, the following are ignored - # postgresql.password/username/hostname/database - secretKeys: - # -- key in existingSecret with hostname of the database - databaseHostname: hostname - # -- key in existingSecret with name of the database - database: database - # -- key in existingSecret with username for matrix to connect to db - databaseUsername: username - # -- key in existingSecret with password for matrix to connect to db - userPasswordKey: password - # -- key in existingSecret with the admin postgresql password - adminPasswordKey: postgresPassword - - externalDatabase: - # -- enable using an external database *instead of* the Bitnami PostgreSQL sub-chart - # if externalDatabase.enabled is set to true, postgresql.enabled must be set to false - enabled: false - # optional SSL parameters for postgresql, if using your own db instead of the subchart - # ref: https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-PARAMKEYWORDS - # -- sslmode to use, example: verify-full - sslmode: "" - # make sure any paths here are reflected in slidingSync.extraVolumes and slidingSync.extraVolumeMounts - # -- optional: tls/ssl root cert for postgresql connections - sslrootcert: "" - # -- optional: tls/ssl cert for postgresql connections - sslcert: "" - # -- optional: tls/ssl key for postgresql connections - sslkey: "" - # database credentials to use if you don't use an existingSecret - # -- username of matrix-sliding-sync postgres user - username: syncv3 - # -- password of matrix-sliding-sync postgres user - ignored using exsitingSecret - password: changeme - # -- which port to use to connect to your database server - port: 5432 - # -- hostname of db server. Can be left blank if using postgres subchart - hostname: "" - # -- name of the database to try and connect to - database: "syncv3" - - # -- existing kubernetes secret for ALL syncv3 env vars listed below. if set, - # ignores all values under syncv3 including syncv3.db and syncv3.otlp. - existingEnvSecret: "" - - syncv3: - # -- SYNCV3_DB - db connection string: - # https://www.postgresql.org/docs/current/libpq-connect.html - # if db is empty, you must either provide postgresql or externalDatabase - # parameters, OR set syncv3.existingDbSecret and syncv3.dbSecretKey - db: "" - # -- use an existing kubernetes secret for the db connection connection string. - # if set, ignores syncv3.db - existingDbSecret: "" - # -- db key in existing Db Secret for - dbSecretKey: "SYNCV3_DB" - # -- SYNCV3_SERVER - Required. The destination homeserver to talk to (CS API HTTPS URL) e.g 'https://matrix-client.matrix.org' (Supports unix socket: /path/to/socket) - server: "" - # -- SYNCV3_SECRET - Required. A secret to use to encrypt access tokens. Must remain the same for the lifetime of the database. If both syncv3.secret and syncv3.existingSecret are not set, we will autogenerate this value - secret: "" - # -- if set, we'll grab your SYNCV3_SECRET from an existing kubernetes secret and ignore syncv3.secret - existingSyncv3Secret: "" - # -- secret key to get synvcv3 secret from in existing kubernetes secret. - syncv3SecretKey: "SYNCV3_SECRET" - # -- SYNCV3_BINDADDR - The interface and port to listen on. (Supports unix socket: /path/to/socket) - bindaddr: "0.0.0.0:8008" - # -- SYNCV3_TLS_CERT - Default: unset. Path to a certificate file to serve to HTTPS clients. Specifying this enables TLS on the bound address. - tlsCert: "" - # -- SYNCV3_TLS_KEY - Default: unset. Path to a key file for the certificate. Must be provided along with the certificate file. - tlsKey: "" - # -- SYNCV3_PPROF - Default: unset. The bind addr for pprof debugging e.g ':6060'. If not set, does not listen. - pprof: "" - # -- SYNCV3_PROM - Default: unset. The bind addr for Prometheus metrics, which will be accessible at /metrics at this address. - prom: "" - otlp: - # -- SYNCV3_OTLP_URL - Default: unset. The OTLP HTTP URL to send spans to e.g https://localhost:4318 - if unset does not send OTLP traces. - url: "" - # -- SYNCV3_OTLP_USERNAME - Default: unset. The OTLP username for Basic auth. If unset, does not send an Authorization header. - username: "" - # -- SYNCV3_OTLP_PASSWORD - Default: unset. The OTLP password for Basic auth. If unset, does not send an Authorization header. - password: "" - existingSecret: "" - - # -- SYNCV3_SENTRY_DSN - Default: unset. The Sentry DSN to report events to e.g https://sliding-sync@sentry.example.com/123 - if unset does not send sentry events. - sentryDsn: "" - # -- SYNCV3_LOG_LEVEL - The level of verbosity for messages logged. Available values are trace, debug, info, warn, error and fatal - logLevel: "info" - # -- SYNCV3_MAX_DB_CONN - Default: unset. Max database connections to use when communicating with postgres. Unset or 0 means no limit. - maxDbConn: "" - - networkPolicies: - # -- whether to enable kubernetes network policies or not - enabled: true - - ingress: - enabled: false - className: "" - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - hosts: - - host: chart-example.local - paths: - - path: / - pathType: ImplementationSpecific - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local - mas: # -- enable the MAS (Matrix Authentication Service) sub chart to use OIDC # This is the only way that's tested to use with element-x beta right now @@ -1961,7 +1814,7 @@ bridges: # -- hookshot bridge docker image repository: "halfshot/matrix-hookshot" # -- hookshot bridge docker image tag - tag: "6.0.0" + tag: "6.0.1" # -- hookshot bridge docker image pull policy. If tag is "latest", set tag to "Always" pullPolicy: IfNotPresent