
Move matrix to postgres, rotate keys

Breandan Dezendorf 7 months ago
parent
commit
4ad73a0ba4
1 changed files with 21 additions and 9 deletions
  1. 21 9
      dezendorf/homelab/k3s/matrix/matrix.yaml

+ 21 - 9
dezendorf/homelab/k3s/matrix/matrix.yaml

@@ -45,6 +45,10 @@ spec:
             mountPath: "/data/matrix.dezendorf.net.log.config"
             subPath: "homeserver-log-config"
             readOnly: no
+          - name: "matrix-homeserver-yaml"
+            mountPath: "/data/matrix.dezendorf.net.signing.key"
+            readOnly: no
+            subPath: "matrix-dezendorf-net-signing-key"
           - name: "matrix-data-volume"
             mountPath: "/data"
             readOnly: no
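Review bot: The new mount for `/data/matrix.dezendorf.net.signing.key` is declared `readOnly: no`, so the container may write to the path that holds the homeserver signing key, and nothing visible in this hunk needs that. I would change it to `readOnly: true`, which also avoids the YAML 1.1 `no` spelling that stricter parsers and linters flag. The volume is named `matrix-homeserver-yaml`, which looks like the ConfigMap edited further down, so the key would be served from a ConfigMap rather than a Secret. The container spec starts and ends outside this hunk.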
@@ -224,6 +228,9 @@ metadata:
 data:
   homeserver-log: |
 
+  matrix-dezendorf-net-signing-key: |
+    ed25519 a_xHsH bCSbSZVaDAz5pgKweKO3nIgXK8PL5rOhfbWbwkh63kg
+
   homeserver-yaml: |
     # Configuration file for Synapse.
     #
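Review bot: The added `matrix-dezendorf-net-signing-key` entry puts the homeserver's ed25519 signing key in plaintext in a manifest tracked in git, so anyone who can read the repository or this object holds the server's signing identity. The same defect applies to the database `password` added in the next hunk and to the `client_secret` values in the two hunks after it. These values should live in a Kubernetes `Secret` (or a sealed/external secret) that the manifest only references. Everything committed here should also be rotated again, because it stays in history. Judging by the plaintext values under `data:`, this object appears to be a ConfigMap, but its header is outside the hunk.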
@@ -248,9 +255,14 @@ data:
           - names: [client, federation]
             compress: false
     database:
-      name: sqlite3
+      name: psycopg2
       args:
-        database: /data/homeserver.db
+        user: synapse_user
+        password: "Bee1701Charming1!"
+        dbname: synapse
+        host: postgres-mas
+        cp_min: 5
+        cp_max: 10
     log_config: "/data/matrix.dezendorf.net.log.config"
     media_store_path: /data/media_store
     registration_shared_secret: "9.^i#+7YXwrC^bzKMqkenOZb;9ra6jV0zgZMvO:EBQ.CipL47k"
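Review bot: The new `database.args` block sets no `sslmode`, so the connection to `postgres-mas` falls back to libpq's default of `prefer`, which neither requires TLS nor verifies the server certificate. If the PostgreSQL service offers TLS, add `sslmode: verify-full` and `sslrootcert: <path-to-ca>` under `args`. If the traffic is meant to stay unencrypted inside the cluster, a comment saying so would record that as a decision. This assumes Synapse passes `args` through to psycopg2 unchanged, which is worth confirming against the deployed version.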
@@ -287,11 +299,11 @@ data:
         issuer: https://matrix-auth.dezendorf.net
 
         # Matches the `client_id` in the auth service config
-        client_id: 01JNE805N1CE31RTW79FYC68VA
+        client_id: 01JNKPPJSBJR4X9DCM2F631H2E
         # Matches the `client_auth_method` in the auth service config
         client_auth_method: client_secret_basic
         # Matches the `client_secret` in the auth service config
-        client_secret: "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"
+        client_secret: "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"
 
         # Matches the `matrix.secret` in the auth service config
         admin_token: "yvuN4UMz6ZHWWp4WVNxWbBneWSlNLwYy"
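Review bot: `admin_token` on the context line after the rotated `client_secret` is unchanged, although the commit is titled as a key rotation. The same is true of `registration_shared_secret` in the database hunk and the `secret` at the top of the last hunk. These values sit in the same file and history as the credentials being replaced, so if the rotation responds to exposure of this file they are equally affected. I would rotate them in the same change, or state in the commit description why they are out of scope. `admin_token` and that `secret` carry the same value, so both sides have to change together.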
@@ -443,17 +455,17 @@ data:
       secret: yvuN4UMz6ZHWWp4WVNxWbBneWSlNLwYy
       endpoint: https://matrix.dezendorf.net
     clients:
-      - client_id: 01JNE805N1CE31RTW79FYC68VA
+      - client_id: 01JNKPPJSBJR4X9DCM2F631H2E
         client_auth_method: client_secret_basic
-        client_secret: "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"
+        client_secret: "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"
     upstream_oauth2:
       providers:
-      - id: 01JNE805N1CE31RTW79FYC68VA
+      - id: 01JNKPPJSBJR4X9DCM2F631H2E
         human_name: Google
         brand_name: "google"
         issuer: "https://accounts.google.com"
-        client_id: "743600892864-394ileehj9l1vfvvip3l3meqb0it6g50.apps.googleusercontent.com"
-        client_secret: "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"
+        client_id: "743600892864-giudqeu3spf1h8mp7cblv13ticm1v1pq.apps.googleusercontent.com"
+        client_secret: "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"
         token_endpoint_auth_method: client_secret_post
         scope: "openid profile email"
         claims_imports:
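Review bot: The `client_secret` under `clients:` is the same string as the `client_secret` of the Google provider under `upstream_oauth2`, and its `GOCSPX-` prefix suggests it is the Google-issued secret. That makes the internal Synapse-to-auth-service credential and the Google OAuth credential one shared secret, so exposure of either side exposes both and neither can be rotated independently. The new `client_id` ULID is likewise reused as the provider `id`. I would give the internal client its own randomly generated value, `client_secret: "<generated-internal-secret>"`, in `clients:` and in the matching Synapse block of the previous hunk, ideally injected from a Secret rather than written inline.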