## Matrix server name - appears in @user:matrix.hexor.cy
serverName: matrix.hexor.cy

## Use letsencrypt cluster issuer for all ingresses
certManager:
  clusterIssuer: letsencrypt

## Global ingress settings
ingress:
  className: traefik
  annotations:
    traefik.ingress.kubernetes.io/router.middlewares: kube-system-https-redirect@kubernetescrd

## Disable built-in PostgreSQL - using external database
postgres:
  enabled: false

## Disable components we don't need yet
hookshot:
  enabled: false

## MatrixRTC - voice/video calls via LiveKit SFU
matrixRTC:
  enabled: true
  ingress:
    host: livekit.matrix.hexor.cy
  sfu:
    enabled: true
    manualIP: "138.201.61.182"
    nodeSelector:
      kubernetes.io/hostname: master.tail2fe2d.ts.net
    exposedServices:
      rtcTcp:
        enabled: true
        port: 30881
      rtcMuxedUdp:
        enabled: true
        port: 30882
      turnTLS:
        enabled: true
        port: 31443
        domain: turn.matrix.hexor.cy
        tlsTerminationOnPod: true

## Synapse homeserver
synapse:
  enabled: true
  ingress:
    host: synapse.matrix.hexor.cy
  postgres:
    host: psql.psql.svc
    port: 5432
    user: synapse
    database: synapse
    sslMode: prefer
    password:
      secret: matrix-postgres-creds
      secretKey: synapse_db_password
  media:
    storage:
      size: 20Gi
    maxUploadSize: 100M
  # nodeSelector:
  #   kubernetes.io/hostname: nas.homenet

## Matrix Authentication Service
matrixAuthenticationService:
  enabled: true
  ingress:
    host: auth.matrix.hexor.cy
  postgres:
    host: psql.psql.svc
    port: 5432
    user: mas
    database: mas
    sslMode: prefer
    password:
      secret: matrix-postgres-creds
      secretKey: mas_db_password
  ## Admin policy
  additional:
    0-admin-policy:
      config: |
        policy:
          data:
            admin_users:
              - username: ultradesu
    1-oidc:
      configSecret: matrix-oidc-config
      configSecretKey: mas-oidc.yaml
  # nodeSelector:
  #   kubernetes.io/hostname: nas.homenet

## Element Web client
elementWeb:
  enabled: true
  ingress:
    host: chat.matrix.hexor.cy
  # nodeSelector:
  #   kubernetes.io/hostname: nas.homenet

## Element Admin panel
elementAdmin:
  enabled: true
  ingress:
    host: admin.matrix.hexor.cy
  # nodeSelector:
  #   kubernetes.io/hostname: nas.homenet

## Well-known delegation on the base domain (host is derived from serverName)
wellKnownDelegation:
  enabled: true