Merge "devtools/depotview: fix stale branches, clone bug"
diff --git a/app/matrix/homeserver.yaml b/app/matrix/homeserver.yaml
index d83dc3d..00ff7d4 100644
--- a/app/matrix/homeserver.yaml
+++ b/app/matrix/homeserver.yaml
@@ -29,6 +29,7 @@
name: "psycopg2"
args:
user: "synapse"
+ password: "{{ POSTGRES_PASSWORD }}"
database: "synapse"
host: "postgres"
port: "5432"
@@ -83,6 +84,7 @@
## Registration ##
enable_registration: False
+registration_shared_secret: "{{ SYNAPSE_REGISTRATION_SHARED_SECRET }}"
bcrypt_rounds: 12
allow_guest_access: True
enable_group_creation: true
@@ -111,7 +113,15 @@
- "m.room.name"
-app_service_config_files: ["/appservices/irc-freenode/registration.yaml"]
+{% if SYNAPSE_APPSERVICES %}
+app_service_config_files:
+{% for appservice in SYNAPSE_APPSERVICES %} - "{{ appservice }}"
+{% endfor %}
+{% else %}
+app_service_config_files: []
+{% endif %}
+
+macaroon_secret_key: "{{ SYNAPSE_MACAROON_SECRET_KEY }}"
expire_access_token: False
## Signing Keys ##
diff --git a/app/matrix/prod.jsonnet b/app/matrix/prod.jsonnet
index 736cf87..973148a 100644
--- a/app/matrix/prod.jsonnet
+++ b/app/matrix/prod.jsonnet
@@ -16,7 +16,7 @@
serverName: "hackerspace.pl",
storageClassName: "waw-hdd-paranoid-2",
- synapseImage: "informatic/synapse:v1.2.1-env-conf-rev2", // https://github.com/Informatic/synapse/tree/env_config (to be upstreamed...)
+ synapseImage: "matrixdotorg/synapse:v1.11.1",
riotImage: "bubuntux/riot-web:v1.3.2",
casProxyImage: "registry.k0.hswaw.net/q3k/oauth2-cas-proxy:0.1.4"
},
@@ -102,7 +102,7 @@
spec+: {
volumes_: {
data: kube.PersistentVolumeClaimVolume(app.dataVolume),
- config: kube.ConfigMapVolume(app.synapseConfig),
+ config_template: kube.ConfigMapVolume(app.synapseConfig),
} + {
[k]: { secret: { secretName: "appservice-%s-registration" % [k] } }
for k in std.objectFields(app.appservices)
@@ -110,20 +110,28 @@
containers_: {
web: kube.Container("synapse") {
image: cfg.synapseImage,
+ command: ["/bin/sh", "-c", "/start.py migrate_config && exec /start.py"],
ports_: {
http: { containerPort: 8008 },
},
env_: {
+ SYNAPSE_CONFIG_DIR: "/config",
SYNAPSE_CONFIG_PATH: "/config/homeserver.yaml",
- SYNAPSE_macaroon_secret_key: { secretKeyRef: { name: "synapse", key: "macaroon_secret_key" } },
- SYNAPSE_registration_shared_secret: { secretKeyRef: { name: "synapse", key: "registration_shared_secret" } },
- SYNAPSE_database__args__password: { secretKeyRef: { name: "synapse", key: "postgres_password" } },
+ # These values are not used in a template, but
+ # are required by /start.py migrate_config
+ SYNAPSE_SERVER_NAME: "hackerspace.pl",
+ SYNAPSE_REPORT_STATS: "no",
+
+ SYNAPSE_MACAROON_SECRET_KEY: { secretKeyRef: { name: "synapse", key: "macaroon_secret_key" } },
+ SYNAPSE_REGISTRATION_SHARED_SECRET: { secretKeyRef: { name: "synapse", key: "registration_shared_secret" } },
+ POSTGRES_PASSWORD: { secretKeyRef: { name: "synapse", key: "postgres_password" } },
},
volumeMounts_: {
data: { mountPath: "/data" },
- config: {
- mountPath: "/config",
+ config_template: {
+ mountPath: "/conf/homeserver.yaml",
+ subPath: "homeserver.yaml",
},
} + {
[k]: { mountPath: "/appservices/%s" % [k] }