# services/communication/mas-configmap.yaml
# ConfigMap that carries the matrix-authentication-service config.yaml.
# Secret material is referenced by file path (/etc/mas/secrets, /etc/mas/keys);
# the one exception is the database password, which appears as the
# @@MAS_DB_PASSWORD@@ placeholder inside database.uri.
apiVersion: v1
kind: ConfigMap
metadata:
  name: matrix-authentication-service-config
  namespace: communication
data:
  # Review notes sit above the block scalar so the embedded config.yaml
  # text stays exactly as authored.
  #
  # database.uri
  #   NOTE(review): @@MAS_DB_PASSWORD@@ is presumably substituted before the
  #   service reads the file - confirm where that happens, and that the
  #   rendered copy (which then holds the password) is never written back
  #   to a ConfigMap or logged. A password containing URI-reserved
  #   characters would need percent-encoding to keep the URI parseable.
  #   NOTE(review): sslmode=prefer is opportunistic - the client falls back
  #   to plaintext if TLS negotiation fails and does not verify the server
  #   certificate. If the Postgres service offers TLS, require or
  #   verify-full removes the downgrade path - TODO confirm server support.
  #
  # passwords.enabled
  #   Local password login stays enabled alongside the upstream OIDC
  #   provider. NOTE(review): confirm this is intended and not a leftover.
  #
  # matrix.endpoint
  #   Plain http:// to the homeserver on port 8008. NOTE(review): the value
  #   in matrix.secret_file is presumably presented on this hop, so it
  #   relies on the in-cluster network path being trusted - confirm.
  #
  # upstream_oauth2.providers[0].claims_imports.localpart
  #   action: require with on_conflict: add means a login whose
  #   preferred_username matches an existing localpart is attached to that
  #   existing account. NOTE(review): this is only safe if the Keycloak
  #   realm does not let users choose or edit their username - verify the
  #   realm's registration and profile settings.
  #
  # policy.data.client_registration
  #   All three allow_* flags are true, which relaxes the checks applied to
  #   client registration (non-HTTPS URIs, URIs on differing hosts, and a
  #   missing client_uri are accepted). NOTE(review): confirm which clients
  #   need each relaxation and drop the ones that are not required.
  config.yaml: |
    http:
      public_base: "https://matrix.live.bstein.dev/"

    database:
      uri: "postgresql://mas:@@MAS_DB_PASSWORD@@@postgres-service.postgres.svc.cluster.local:5432/mas?sslmode=prefer"

    secrets:
      encryption_file: /etc/mas/secrets/encryption
      keys_dir: /etc/mas/keys

    passwords:
      enabled: true

    matrix:
      kind: synapse
      homeserver: live.bstein.dev
      endpoint: "http://othrys-synapse-matrix-synapse:8008/"
      secret_file: /etc/mas/secrets/matrix_shared_secret

    upstream_oauth2:
      providers:
        - id: 01KDTTKYCYTAAAQKMAKZZ5CPW3
          synapse_idp_id: oidc-keycloak
          issuer: "https://sso.bstein.dev/realms/atlas"
          human_name: "Keycloak"
          brand_name: "keycloak"
          client_id: "othrys-mas"
          client_secret_file: /etc/mas/secrets/keycloak_client_secret
          token_endpoint_auth_method: client_secret_post
          scope: "openid profile email"
          claims_imports:
            localpart:
              action: require
              template: "{{ user.preferred_username }}"
              on_conflict: add
            displayname:
              action: force
              template: "{{ user.name }}"
            email:
              action: force
              template: "{{ user.email }}"

    policy:
      data:
        client_registration:
          allow_insecure_uris: true
          allow_host_mismatch: true
          allow_missing_client_uri: true