apiVersion: v1
kind: ConfigMap
metadata:
  name: matrix-config
data:
  POSTGRES_USER: postgres_user
  POSTGRES_DB: postgres_synapse_database
  POSTGRES_PASSWORD: postgres_password
  POSTGRES_INITDB_ARGS: --encoding=UTF-8 --lc-collate=C --lc-ctype=C
  ## Sliding Sync Proxy, will need a separate database created manually in the container.
  ## podman exec -it matrix-db psql -U synapse -c 'CREATE DATABASE syncv3 WITH OWNER synapse'
  ## Replace 'postgres_user', 'postgres_password' and 'syncv3' with the correct values
  SYNCV3_BINDADDR: "0.0.0.0:8118"
  SYNCV3_DB: "user=postgres_user dbname=syncv3 sslmode=disable host=127.0.0.1 password='postgres_password'"
  SYNCV3_SERVER: https://example.com"
  SYNCV3_SECRET: ## Generate secret with `openssl rand -hex 32` and paste here
  
---
apiVersion: v1
kind: Pod
metadata:
  annotations:
  creationTimestamp: "2022-09-29T06:34:53Z"
  labels:
    app: matrix
  name: matrix
spec:
  volumes:
  - name: matrix-psql-pvc
    persistentVolumeClaim:
      claimName: matrix-psql
  - hostPath:
      path: /path/to/matrix/synapse
      type: Directory
    name: data-matrix-synapse-host-0
  #- hostPath:
  #    path: /path/to/matrix/mautrix-discord
  #    type: Directory
  #  name: data-matrix-mautrix-discord-host-0
  #- hostPath:
  #    path: /path/to/matrix/mautrix-whatsapp
  #    type: Directory
  #  name: data-matrix-mautrix-whatsapp-host-0
  #- hostPath:
  #    path: /path/to/matrix/mautrix-gmessages
  #    type: Directory
  #  name: data-matrix-mautrix-gmessages-host-0
  
  containers:
  - image: ghcr.io/matrix-org/synapse:latest
    name: synapse
    ports:
    - containerPort: 8008
      hostPort: 8008
    - containerPort: 8118
      hostPort: 8118
    - containerPort: 9000
      hostPort: 9001
    resources: {}
    securityContext:
      capabilities:
        drop:
        - CAP_MKNOD
        - CAP_AUDIT_WRITE
    volumeMounts:
    - mountPath: /data
      name: data-matrix-synapse-host-0
  - image: ghcr.io/matrix-org/sliding-sync:latest
    name: syncv3
    envFrom:
    - configMapRef:
        name: matrix-config
        optional: false
    resources: {}
  - image: docker.io/library/postgres:14-alpine
    args:
    - postgres
    envFrom:
    - configMapRef:
        name: matrix-config
        optional: false
    name: db
    resources: {}
    securityContext:
      capabilities:
        drop:
        - CAP_MKNOD
        - CAP_AUDIT_WRITE
    volumeMounts:
    - mountPath: /var/lib/postgresql/data
      name: matrix-psql-pvc
  #- image: dock.mau.dev/mautrix/discord:latest
  #  imagePullPolicy: never
  #  name: discord
  #  resources: {}
  #  securityContext:
  #    capabilities:
  #      drop:
  #      - CAP_MKNOD
  #      - CAP_AUDIT_WRITE
  #  volumeMounts:
  #  - mountPath: /data
  #    name: data-matrix-mautrix-discord-host-0
  #- image: dock.mau.dev/mautrix/whatsapp:latest
  #  name: whatsapp
  #  resources: {}
  #  securityContext:
  #    capabilities:
  #      drop:
  #      - CAP_MKNOD
  #      - CAP_AUDIT_WRITE
  #  volumeMounts:
  #  - mountPath: /data
  #    name: data-matrix-mautrix-whatsapp-host-0
  #- image: dock.mau.dev/mautrix/gmessages:latest
  #  name: gmessages
  #  resources: {}
  #  securityContext:
  #    capabilities:
  #      drop:
  #      - CAP_MKNOD
  #      - CAP_AUDIT_WRITE
  #  volumeMounts:
  #  - mountPath: /data
  #    name: data-matrix-mautrix-gmessages-host-0
  #restartPolicy: On-failure
status: {}