Add TLS to federation port.

typokign / matrix-chart

Helm chart for deploying a Matrix homeserver stack

MIT License

89 stars 48 forks source link

Add TLS to federation port. #29

Closed Routhinator closed 4 years ago

Routhinator commented 4 years ago

This allows optional binding of the existing matrix-tls certificate to the synapse federation port.

As we discussed a seperate ingress is likely a far better implementation, However for your review on how I did this as it is relevant for coturn as well.

typokign commented 4 years ago

I've landed your suggestion to use an Ingress. Are you still interested in supporting this method as well?

https://github.com/dacruz21/matrix-chart/commit/8ff92ab3f8b2c49b7f29ebe6338edefc9c6690ae

Personally I would rather wait until I get around to adding TLS to Coturn. Since managing TLS certificates is not standardized in Kubernetes, I don't think the setup in this PR is very portable.

Routhinator commented 4 years ago

Might as well drop this one, however this method should be portable since the cert paths are overridable and someone could mount any cert into the container this way. Any secret resouce can contain any provided cert, whether provided by cert-manager or manually created.