Auto-update README with current k8s applications

Generated by CI/CD workflow on 2026-03-16 10:28:53

This PR updates the README.md file with the current list of applications found in the k8s/ directory structure.

k8s/apps/matrix/external-secrets.yaml

@@ -52,12 +52,11 @@ spec:
         mas-oidc.yaml: |
           upstream_oauth2:
             providers:
-              - id: 001KKV4EKY7KG98W2M9T806K6A
+              - id: authentik
                 human_name: Authentik
                 issuer: https://idm.hexor.cy/application/o/matrix/
-                client_id: "{{ .oauth_client_id }}"
-                client_secret: "{{ .oauth_client_secret }}"
-                token_endpoint_auth_method: client_secret_post
+                client_id: {{ .oauth_client_id }}
+                client_secret: {{ .oauth_client_secret }}
                 scope: "openid profile email"
                 claims_imports:
                   localpart:

k8s/apps/matrix/matrix-stack-values.yaml

@@ -20,12 +20,12 @@ matrixRTC:
   enabled: false
 hookshot:
   enabled: false
+haproxy:
+  enabled: false
 
 ## Synapse homeserver
 synapse:
   enabled: true
-  ingress:
-    host: matrix.hexor.cy
   postgres:
     host: psql.psql.svc
     port: 5432
@@ -35,11 +35,6 @@ synapse:
     password:
       secret: matrix-postgres-creds
       secretKey: synapse_db_password
-  additional:
-    0-unsafe-locale:
-      config: |
-        database:
-          allow_unsafe_locale: true
   media:
     storage:
       size: 20Gi
@@ -50,8 +45,6 @@ synapse:
 ## Matrix Authentication Service
 matrixAuthenticationService:
   enabled: true
-  ingress:
-    host: auth.matrix.hexor.cy
   postgres:
     host: psql.psql.svc
     port: 5432
@@ -61,15 +54,9 @@ matrixAuthenticationService:
     password:
       secret: matrix-postgres-creds
       secretKey: mas_db_password
-  ## Admin policy
+  ## Authentik OIDC upstream provider
   additional:
-    0-admin-policy:
-      config: |
-        policy:
-          data:
-            admin_users:
-              - username: ultradesu
-    1-oidc:
+    0-oidc:
       configSecret: matrix-oidc-config
       configSecretKey: mas-oidc.yaml
   # nodeSelector:
@@ -91,6 +78,8 @@ elementAdmin:
   # nodeSelector:
   #   kubernetes.io/hostname: nas.homenet
 
-## Well-known delegation on the base domain (host is derived from serverName)
+## Well-known delegation on the base domain
 wellKnownDelegation:
   enabled: true
+  ingress:
+    host: matrix.hexor.cy

terraform/authentik/oauth2-apps.auto.tfvars

@@ -195,7 +195,7 @@ oauth_applications = {
     meta_description = "Matrix Chat"
     meta_icon        = "https://img.icons8.com/ios/100/40C057/matrix-logo.png"
     redirect_uris = [
-      "https://auth.matrix.hexor.cy/upstream/callback/001KKV4EKY7KG98W2M9T806K6A",
+      "https://matrix.hexor.cy/_matrix/client/unstable/org.matrix.msc2965/auth/upstream/callback",
     ]
     meta_launch_url            = "https://matrix.hexor.cy"
     client_type                = "confidential"