---
kind: Deployment
apiVersion: apps/v1
metadata:
  name: matrix
  labels:
    app: matrix
spec:
  replicas: 1
  selector:
    matchLabels:
      app: matrix
  template:
    metadata:
      labels:
        app: matrix
    spec:
      containers:
      - name: matrix
        image: ghcr.io/element-hq/synapse
        command: ["/bin/bash", "-c", "--"]
        args: ["while true; do sleep 3; done;"] 
        env:
        - name: SYNAPSE_SERVER_NAME
          value: "matrix.dezendorf.net"
        - name: SYNAPSE_CONFIG_PATH
          value: "/data/homeserver.yaml"
        ports:
        - name: web
          containerPort: 8008
        volumeMounts:
          - name: "matrix-homeserver-yaml"
            mountPath: "/data/homeserver.yaml"
            subPath: "homeserver-yaml"
            readOnly: no
          - name: "matrix-homeserver-yaml"
            mountPath: "/homeserver.log"
            subPath: "homeserver-log"
            readOnly: no
          - name: "matrix-homeserver-yaml"
            mountPath: "/data/matrix.dezendorf.net.log.config"
            subPath: "homeserver-log-config"
            readOnly: no
          - name: "matrix-data-volume"
            mountPath: "/data"
            readOnly: no
          - name: "matrix-media-volume"
            mountPath: "/data/media_store"
      volumes:
        - name: "matrix-media-volume"
          persistentVolumeClaim:
            claimName: "matrix-media-pvc"
        - name: "matrix-data-volume"
          persistentVolumeClaim:
            claimName: "matrix-data-pvc"
        - name: "matrix-homeserver-yaml"
          configMap:
            defaultMode: 0777
            name: "matrix-homeserver-yaml"
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: matrix-data-pvc
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: longhorn
  resources:
    requests:
      storage: 50G
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: matrix-media-pvc
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: nfs
  resources:
    requests:
      storage: 100G
---
apiVersion: v1
kind: Service
metadata:
  name: matrix
spec:
  type: ClusterIP
  ports:
    - name: web
      port: 8008
  selector:
    app: matrix

---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: matrix-ingress-route
  namespace: default
spec:
  entryPoints:
    - web
  routes:
  - match: ((Host(`matrix`)||Host(`matrix.dezendorf.net`)))
    kind: Rule
    priority: 1
    services:
    - name: matrix
      port: 8008
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: matrix-websecure-route
  namespace: default
spec:
  entryPoints:
    - websecure
  routes:
  - match: Host(`matrix.dezendorf.net`)
    kind: Rule
    services:
    - name: matrix
      port: 8008
  tls:
    certResolver: myresolver

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: matrix-homeserver-yaml
  namespace: default
data:
  homeserver-log: |

  homeserver-yaml: |
    # Configuration file for Synapse.
    #
    # This is a YAML file: see [1] for a quick introduction. Note in particular
    # that *indentation is important*: all the elements of a list or dictionary
    # should have the same indentation.
    #
    # [1] https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html
    #
    # For more information on how to configure Synapse, including a complete accounting of
    # each option, go to docs/usage/configuration/config_documentation.md or
    # https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html
    server_name: "matrix.dezendorf.net"
    pid_file: /data/homeserver.pid
    listeners:
      - port: 8008
        tls: false
        type: http
        x_forwarded: true
          #bind_addresses: ['::1', '127.0.0.1']
        resources:
          - names: [client, federation]
            compress: false
    database:
      name: sqlite3
      args:
        database: /data/homeserver.db
    log_config: "/data/matrix.dezendorf.net.log.config"
    media_store_path: /data/media_store
    registration_shared_secret: "9.^i#+7YXwrC^bzKMqkenOZb;9ra6jV0zgZMvO:EBQ.CipL47k"
    report_stats: false
    macaroon_secret_key: ".ughvXa0Or.Xv7o5y550cXnTlv.J8*Mq@JAA^1QXuu2bpR@Lpd"
    form_secret: "iESBV0d@Tg;4~:v5KT3-UX.Kva@.cbJZ9SNU:nWKubPo:X^*Y-"
    signing_key_path: "/data/matrix.dezendorf.net.signing.key"
    enable_registration: true
    enable_registration_captcha: true
    public_baseurl: "https://matrix.dezendorf.net"
    recaptcha_public_key: "6LddQ7EqAAAAACWLD1ZKUBKrLHoFvGWhFiNmrgPh"
    recaptcha_private_key: "6LddQ7EqAAAAAOX7Qrn2PL-s2r5Zo4c_aTi4uzkh"
    trusted_key_servers:
      - server_name: "matrix.org"

  homeserver-log-config: |
    version: 1

    formatters:
      precise:
        format: '%(asctime)s - %(name)s - %(lineno)d - %(levelname)s - %(request)s - %(message)s'
    
    handlers:
      console:
        class: logging.StreamHandler
        formatter: precise

    loggers:
      # This is just here so we can leave `loggers` in the config regardless of whether
      # we configure other loggers below (avoid empty yaml dict error).
      _placeholder:
        level: "INFO"
        handlers: [console]
    
      synapse.storage.SQL:
        # beware: increasing this to DEBUG will make synapse log sensitive
        # information such as access tokens.
        level: INFO
        handlers: [console]

    root:
      level: INFO
      handlers: [console]
    disable_existing_loggers: false