typokign / matrix-chart

Helm chart for deploying a Matrix homeserver stack
MIT License
88 stars 47 forks source link
helm helm-charts kubernetes matrix synapse

Matrix Chart

A Helm chart for deploying a Matrix homeserver stack in Kubernetes.

Features

Installation

Some documentation is available in values.yaml, and a complete configuration guide is coming soon.

Choose one of the two options below to install the chart.

Chart Repository (recommended)

This chart is published to my Helm chart repository at https://dacruz21.github.io/helm-charts. To install this chart:

  1. Create an empty chart to hold your configuration

    helm create mychart
    cd mychart
  2. Add this chart to your chart's dependencies by editing Chart.yaml and adding the following lines:

    dependencies:
      - name: matrix
        version: 2.8.0
        repository: https://dacruz21.github.io/helm-charts
  3. Run helm dependency update to download the chart into the charts/ directory.

  4. Configure the chart by editing values.yaml, adding a matrix: object, and adding any config overrides under this object.

  5. Deploy your customized chart with helm install mychart .

Git

You can also clone this repo directly and override the values.yaml provided. To do so, run the following commands:

git clone https://github.com/dacruz21/matrix-chart.git
cd matrix-chart
helm dependency update
helm install matrix .

Security

Helm currently does not officially support chart signatures created by GPG keys stored on smartcards. This may change in the future, in which case I will start packaging this chart with the standard .prov signatures, but until then signatures must be verified manually.

GPG signatures are available within the chart repo and can be found by appending .gpg to the end of the package URL. For example, the signature for v2.8.0 is available at https://dacruz21.github.io/helm-charts/matrix-2.8.0.tgz.gpg.

These GPG signatures are signed with the same PGP key that is used to sign commits in this Git repository. The key is available by searching for david@typokign.com on a public keyserver, or by downloading it from my website at https://typokign.com/key.gpg.

If you find any security vulnerabilities in this Helm chart, please contact me by sending a PGP-encrypted email (encrypted to F13C346C0DE56944) to david@typokign.com. Vulnerabilities in upstream services should be reported to that service's developers.