apiVersion: apps/v1 kind: Deployment metadata: name: synapse spec: template: spec: containers: - name: synapse args: - run - --config-path - /config/homeserver.yaml - --config-path - /config/secrets.yaml env: - name: SYNAPSE_CACHE_FACTOR value: "5.00" ports: - name: http containerPort: 8008 protocol: TCP - name: metrics containerPort: 9002 protocol: TCP image: matrixdotorg/synapse imagePullPolicy: IfNotPresent livenessProbe: httpGet: path: /_matrix/client/versions port: 8008 scheme: HTTP initialDelaySeconds: 120 readinessProbe: httpGet: path: /_matrix/client/versions port: 8008 scheme: HTTP initialDelaySeconds: 10 resources: # These are just some arbitrary values, will have to be tuned or removed per-deployment requests: memory: 1Gi cpu: 1000m limits: memory: 1Gi cpu: 1 volumeMounts: - name: data mountPath: /data - name: keys mountPath: /config/keys - name: config mountPath: /config/homeserver.yaml subPath: homeserver.yaml - name: config mountPath: /usr/local/lib/python3.11/site-packages/shared_secret_authenticator.py subPath: shared_secret_authenticator.py - name: log-config mountPath: /config/log.config subPath: log.config - name: config-secrets mountPath: /config/secrets.yaml subPath: homeserver.yaml - name: config-secrets mountPath: /bridges/mautrix-slack-bridge.yaml subPath: mautrix-slack-bridge.yaml - name: config-secrets mountPath: /bridges/mautrix-telegram-bridge.yaml subPath: mautrix-telegram-bridge.yaml - name: config-secrets mountPath: /bridges/appservice-matrix-bridge.yaml subPath: appservice-matrix-bridge.yaml - name: tmp mountPath: /tmp restartPolicy: Always securityContext: runAsUser: 1000 runAsGroup: 1000 fsGroup: 1000 volumes: # Will need to be a persistant volume of some kind to support media uploads, unless using matrix-media-repo - name: data emptyDir: {} - name: tmp emptyDir: {} - name: keys secret: secretName: signing-key - name: config-secrets secret: secretName: config - configMap: name: synapse name: config - configMap: name: synapse-log name: log-config