forked from public/stack
99 lines
3.0 KiB
YAML
99 lines
3.0 KiB
YAML
|
apiVersion: apps/v1
|
||
|
kind: Deployment
|
||
|
metadata:
|
||
|
name: synapse
|
||
|
spec:
|
||
|
template:
|
||
|
spec:
|
||
|
containers:
|
||
|
- name: synapse
|
||
|
args:
|
||
|
- run
|
||
|
- --config-path
|
||
|
- /config/homeserver.yaml
|
||
|
- --config-path
|
||
|
- /config/secrets.yaml
|
||
|
env:
|
||
|
- name: SYNAPSE_CACHE_FACTOR
|
||
|
value: "5.00"
|
||
|
ports:
|
||
|
- name: http
|
||
|
containerPort: 8008
|
||
|
protocol: TCP
|
||
|
- name: metrics
|
||
|
containerPort: 9002
|
||
|
protocol: TCP
|
||
|
image: matrixdotorg/synapse
|
||
|
imagePullPolicy: IfNotPresent
|
||
|
livenessProbe:
|
||
|
httpGet:
|
||
|
path: /_matrix/client/versions
|
||
|
port: 8008
|
||
|
scheme: HTTP
|
||
|
initialDelaySeconds: 120
|
||
|
readinessProbe:
|
||
|
httpGet:
|
||
|
path: /_matrix/client/versions
|
||
|
port: 8008
|
||
|
scheme: HTTP
|
||
|
initialDelaySeconds: 10
|
||
|
resources:
|
||
|
# These are just some arbitrary values, will have to be tuned or removed per-deployment
|
||
|
requests:
|
||
|
memory: 1Gi
|
||
|
cpu: 1000m
|
||
|
limits:
|
||
|
memory: 1Gi
|
||
|
cpu: 1
|
||
|
volumeMounts:
|
||
|
- name: data
|
||
|
mountPath: /data
|
||
|
- name: keys
|
||
|
mountPath: /config/keys
|
||
|
- name: config
|
||
|
mountPath: /config/homeserver.yaml
|
||
|
subPath: homeserver.yaml
|
||
|
- name: config
|
||
|
mountPath: /usr/local/lib/python3.11/site-packages/shared_secret_authenticator.py
|
||
|
subPath: shared_secret_authenticator.py
|
||
|
- name: log-config
|
||
|
mountPath: /config/log.config
|
||
|
subPath: log.config
|
||
|
- name: config-secrets
|
||
|
mountPath: /config/secrets.yaml
|
||
|
subPath: homeserver.yaml
|
||
|
- name: config-secrets
|
||
|
mountPath: /bridges/mautrix-slack-bridge.yaml
|
||
|
subPath: mautrix-slack-bridge.yaml
|
||
|
- name: config-secrets
|
||
|
mountPath: /bridges/mautrix-telegram-bridge.yaml
|
||
|
subPath: mautrix-telegram-bridge.yaml
|
||
|
- name: config-secrets
|
||
|
mountPath: /bridges/appservice-matrix-bridge.yaml
|
||
|
subPath: appservice-matrix-bridge.yaml
|
||
|
- name: tmp
|
||
|
mountPath: /tmp
|
||
|
restartPolicy: Always
|
||
|
securityContext:
|
||
|
runAsUser: 1000
|
||
|
runAsGroup: 1000
|
||
|
fsGroup: 1000
|
||
|
volumes:
|
||
|
# Will need to be a persistant volume of some kind to support media uploads, unless using matrix-media-repo
|
||
|
- name: data
|
||
|
emptyDir: {}
|
||
|
- name: tmp
|
||
|
emptyDir: {}
|
||
|
- name: keys
|
||
|
secret:
|
||
|
secretName: signing-key
|
||
|
- name: config-secrets
|
||
|
secret:
|
||
|
secretName: config
|
||
|
- configMap:
|
||
|
name: synapse
|
||
|
name: config
|
||
|
- configMap:
|
||
|
name: synapse-log
|
||
|
name: log-config
|