added matrix synapse deployment

apps/gitea/values.yaml

@@ -17,14 +17,14 @@ ingress:
     kubernetes.io/tls-acme: "true"
     cert-manager.io/cluster-issuer: letsencrypt-http
   hosts:
-    - host: code.example.org
+    - host: code.k8s.dev.fabcity-hamburg.de
       paths:
         - path: /
           pathType: Prefix
   tls:
     - secretName: interfacer-gitea-tls
       hosts:
-        - code.example.org
+        - code.k8s.dev.fabcity-hamburg.de
 resources:
   requests:
     cpu: 100m

apps/interfacer-core/values.yaml

@@ -1,3 +1,3 @@
 ---
 gateway:
-  url: "https://gateway.example.org/"
+  url: "https://gateway.k8s.dev.fabcity-hamburg.de/"

apps/kustomization.yaml

@@ -3,3 +3,4 @@ resources:
   - interfacer-webpresence
   - interfacer-core
   - gitea
+  - synapse

apps/synapse/kustomization.yaml

@@ -0,0 +1,11 @@
+---
+namespace: synapse
+resources:
+  - namespace.yaml
+helmCharts:
+  - name: matrix-synapse
+    version: 3.0.0
+    releaseName: interfacer-synapse
+    namespace: synapse
+    repo: https://ananace.gitlab.io/charts
+    valuesFile: values.yaml

apps/synapse/namespace.yaml

@@ -0,0 +1,5 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: synapse

apps/synapse/secret.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: synapse-tls

apps/synapse/values.yaml

@@ -0,0 +1,31 @@
+---
+serverName: 'k8s.dev.fabcity-hamburg.de'
+
+config:
+  publicBaseurl: 'https://matrix.k8s.dev.fabcity-hamburg.de'
+  reportStats: true
+  enableRegistration: true
+  trustedKeyServers:
+    - server_name: matrix.org
+
+extraConfig:
+  enable_search: true
+  enable_registration_without_verification: true
+  allow_public_rooms_over_federation: true
+  dynamic_thumbnails: true
+
+wellknown:
+  enabled: true
+  replicaCount: 1
+  server:
+    m.server: matrix.k8s.dev.fabcity-hamburg.de:443
+  client:
+    m.homeserver:
+      base_url: https://matrix.k8s.dev.fabcity-hamburg.de
+  extraData:
+    support:
+      admins:
+        - matrix_id: '@hostmaster:fabcity-hamburg.de'
+          email_address: 'hostmaster@fabcity-hamburg.de'
+          role: 'admin'
+      support_page: 'https://www.fabcity.hamburg/impressum/'

base/cert-manager/letsencrypt.yaml

@@ -5,7 +5,7 @@ metadata:
   name: letsencrypt-http
 spec:
   acme:
-    email: hostmaster@example.org
+    email: hostmaster@fabcity-hamburg.de
     server: https://acme-v02.api.letsencrypt.org/directory
     privateKeySecretRef:
       name: letsencrypt-key
@@ -20,7 +20,7 @@ metadata:
   name: letsencrypt-http-staging
 spec:
   acme:
-    email: hostmaster@example.org
+    email: hostmaster@fabcity-hamburg.de
     server: https://acme-staging-v02.api.letsencrypt.org/directory
     privateKeySecretRef:
       name: letsencrypt-key-staging

overlays/prod/interfacer-core/ingress.yaml

@@ -8,7 +8,7 @@ metadata:
     cert-manager.io/cluster-issuer: letsencrypt-http
 spec:
   rules:
-    - host: hub.example.org
+    - host: hub.k8s.dev.fabcity-hamburg.de
       http:
         paths:
           - path: /
@@ -20,7 +20,7 @@ spec:
                   name: http
   tls:
     - hosts:
-        - hub.example.org
+        - hub.k8s.dev.fabcity-hamburg.de
       secretName: interfacer-core-frontend-tls
 ---
 apiVersion: networking.k8s.io/v1
@@ -32,7 +32,7 @@ metadata:
     cert-manager.io/cluster-issuer: letsencrypt-http
 spec:
   rules:
-    - host: gateway.example.org
+    - host: gateway.k8s.dev.fabcity-hamburg.de
       http:
         paths:
           - path: /
@@ -44,5 +44,5 @@ spec:
                   name: http
   tls:
     - hosts:
-        - gateway.example.org
+        - gateway.k8s.dev.fabcity-hamburg.de
       secretName: interfacer-core-gateway-tls

overlays/prod/interfacer-webpresence/ingress.yaml

@@ -8,7 +8,7 @@ metadata:
     cert-manager.io/cluster-issuer: letsencrypt-http
 spec:
   rules:
-    - host: www.example.org
+    - host: www.k8s.dev.fabcity-hamburg.de
       http:
         paths:
           - path: /
@@ -20,5 +20,5 @@ spec:
                   name: http
   tls:
     - hosts:
-        - www.example.org
+        - www.k8s.dev.fabcity-hamburg.de
       secretName: interfacer-webpresence-tls

overlays/prod/kustomization.yaml

@@ -4,3 +4,4 @@ resources:
   - ../../apps
   - interfacer-webpresence
   - interfacer-core
+  - synapse

overlays/prod/synapse/ingress.yaml

@@ -0,0 +1,24 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: synapse
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    cert-manager.io/cluster-issuer: letsencrypt-http
+spec:
+  rules:
+    - host: matrix.k8s.dev.fabcity-hamburg.de
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: interfacer-synapse-matrix-synapse
+                port:
+                  name: http
+  tls:
+    - hosts:
+        - matrix.k8s.dev.fabcity-hamburg.de
+      secretName: synapse-tls

overlays/prod/synapse/kustomization.yaml

@@ -0,0 +1,4 @@
+---
+namespace: synapse
+resources:
+  - ingress.yaml