diff --git a/matrix/app_of_apps_with_bridges/README.md b/matrix/app_of_apps_with_bridges/README.md index 22b8e00ba..0b2c1c6c4 100644 --- a/matrix/app_of_apps_with_bridges/README.md +++ b/matrix/app_of_apps_with_bridges/README.md @@ -2,6 +2,7 @@ This is an example matrix ArgoCD app of apps, which matches the other matrix app - [discord bridge](https://docs.mau.fi/bridges/general/docker-setup.html?bridge=discord) for bridging discord with matrix - [alertmanager](https://github.com/small-hack/matrix-alertmanager) for bridging prometheus with matrix +- [rss](https://github.com/small-hack/matrix-rss-bot) for bridging rss feeds into various rooms ## Tips diff --git a/matrix/app_of_apps_with_bridges/external_secrets_argocd_appset.yaml b/matrix/app_of_apps_with_bridges/external_secrets_argocd_appset.yaml index e0faf9a0e..8492adbdc 100644 --- a/matrix/app_of_apps_with_bridges/external_secrets_argocd_appset.yaml +++ b/matrix/app_of_apps_with_bridges/external_secrets_argocd_appset.yaml @@ -19,6 +19,7 @@ spec: # - matrix_trusted_key_servers_bitwarden_id - matrix_alertmanager_bitwarden_id - matrix_discord_bitwarden_id + - matrix_rss_bitwarden_id - global_external_secrets - matrix_oidc_credentials_bitwarden_id - matrix_postgres_credentials_bitwarden_id @@ -46,7 +47,7 @@ spec: source: repoURL: 'https://github.com/small-hack/argocd-apps.git' path: matrix/external_secrets/ - targetRevision: main + targetRevision: add-rss-bot helm: valuesObject: # use openbao or bitwarden @@ -76,4 +77,5 @@ spec: bridges: alertmanager_bitwarden_ID: '{{ .matrix_alertmanager_bitwarden_id }}' + rss_bitwarden_ID: '{{ .matrix_rss_bitwarden_id }}' discord_bitwarden_ID: '{{ .matrix_discord_bitwarden_id }}' diff --git a/matrix/app_of_apps_with_bridges/matrix_argocd_appset.yaml b/matrix/app_of_apps_with_bridges/matrix_argocd_appset.yaml index f53195ab5..eccc8c24f 100644 --- a/matrix/app_of_apps_with_bridges/matrix_argocd_appset.yaml +++ b/matrix/app_of_apps_with_bridges/matrix_argocd_appset.yaml @@ -54,12 +54,12 @@ spec: prune: true selfHeal: true source: - repoURL: 'https://small-hack.github.io/matrix-chart' - targetRevision: 13.2.0 - chart: matrix - # repoURL: 'https://github.com/small-hack/matrix-chart' - # targetRevision: main - # path: charts/matrix/ + # repoURL: 'https://small-hack.github.io/matrix-chart' + # targetRevision: 13.1.0 + # chart: matrix + repoURL: 'https://github.com/small-hack/matrix-chart' + targetRevision: add-rss-bot + path: charts/matrix/ helm: valuesObject: fullnameOverride: matrix-stack @@ -92,10 +92,10 @@ spec: # -- Settings related to image and multimedia uploads uploads: # -- Max upload size in bytes - maxSize: 10M + maxSize: 100M # -- Max image size in pixels - maxPixels: 32M + maxPixels: 64M serve_server_wellknown: true @@ -622,13 +622,87 @@ spec: storageClass: local-path accessMode: ReadWriteOnce - alertmanager: + rss: enabled: true + image: + # -- rss bridge docker image + repository: "jessebot/matrix-rss-bot" + # -- rss bridge docker image tag + tag: "0.2.0-dev-24" + # -- rss bridge docker image pull policy. + # If tag is "main", set pullPolicy to "Always" + pullPolicy: IfNotPresent + + # -- set the revisionHistoryLimit to decide how many replicaSets are + # kept when you change a deployment. Explicitly setting this field to 0, + # will result in cleaning up all the history of your Deployment thus that + # Deployment will not be able to roll back. revisionHistoryLimit: 1 - image: - tag: 0.12.0-dev-6 + existingSecret: + # -- use an existing Kubernetes secret for your entire appservice registration file. + # must have a secret key called registration.yaml. If provided, ignores bridges.rss.registration + registration: "" + # -- use an existing Kubernetes secret for your entire feeds.yml file. + # must have a secret key called feeds.yml. If provided, ignores bridges.rss.feeds + feeds: "" + + # -- optionally provide an existing Kubernetes ConfigMap with a key of feeds.yml + # if set, bridges.rss.feeds will be ignored. + existingFeedsConfigMap: "" + + # this section is for registering the application service with matrix + # read more about application services here: + # https://spec.matrix.org/v1.11/application-service-api/ + registration: + id: "rss-bot" + sender_localpart: "rss" + # like http://matrix-rss-service:3000 + url: "" + # -- should this bot be rate limited? + rate_limited: false + # -- Use an existing Kubernetes Secret to store your own generated appservice + # and homeserver tokens. If this is not set, we'll generate them for you. + # Setting this won't override the ENTIRE registration.yaml we generate for + # the synapse pod to authenticate mautrix/discord. It will only replaces the tokens. + # To replaces the ENTIRE registration.yaml, use + # bridges.rss.existingSecret.registration + existingSecret: "matrix-bridge-rss" + existingSecretKeys: + # -- key in existingSecret for as_token (application service token). If + # provided and existingSecret is set, ignores bridges.rss.registration.as_token + as_token: "as_token" + # -- key in existingSecret for hs_token (home server token) + hs_token: "hs_token" + + encryption: false + + config: + bot: + # -- the username of the bot (we will automatically template the homeserver) + user: "rss" + # -- optionally provide a display name for this bot + display_name: "RSS Bot" + # -- optionally provide an mxc:// file to use as an avatar for this bot + avatar: "" + # -- the default room to post things in and interact in + default_room: "!RTkTbtPFXALdjmxAWn:{{ .matrix_hostname }}" + # -- interval to update all feeds, in seconds + interval: 480 + log: + level: debug + + # -- optionally provide a list of RSS feeds to add to the rss bot on startup + feeds: + - name: "matrix.org blog" + url: "https://matrix.org/blog/feed" + room_id: "!AUweUQXCxcVfFOaOIU:matrix.org" + - name: "GitHub Status" + url: "https://www.githubstatus.com/feed" + alertmanager: + enabled: true + revisionHistoryLimit: 1 registration: id: "alertmanager" rate_limited: false diff --git a/matrix/external_secrets/templates/bitwarden/bridge_rss.yaml b/matrix/external_secrets/templates/bitwarden/bridge_rss.yaml new file mode 100644 index 000000000..77152a676 --- /dev/null +++ b/matrix/external_secrets/templates/bitwarden/bridge_rss.yaml @@ -0,0 +1,45 @@ +{{- if and (eq .Values.external_secrets_provider "bitwarden") .Values.bridges.rss_bitwarden_ID }} +{{- if not (eq .Values.bridges.rss_bitwarden_ID "Not Applicable") }} +--- +# secret matrix email stuff +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: matrix-bridge-rss +spec: + target: + # Name of the kubernetes secret to create + name: matrix-bridge-rss + deletionPolicy: Delete + template: + type: Opaque + data: + as_token: |- + {{ `{{ .astoken }}` }} + hs_token: |- + {{ `{{ .hstoken }}` }} + + data: + - secretKey: astoken + sourceRef: + storeRef: + name: bitwarden-fields + kind: ClusterSecretStore + remoteRef: + # name of the bitwarden secret + key: {{ .Values.bridges.rss_bitwarden_ID }} + # property within the bitwarden secret we want + property: as_token + + - secretKey: hstoken + sourceRef: + storeRef: + name: bitwarden-fields + kind: ClusterSecretStore + remoteRef: + # name of the bitwarden secret + key: {{ .Values.bridges.rss_bitwarden_ID }} + # property within the bitwarden secret we want + property: hs_token +{{- end }} +{{- end }} diff --git a/matrix/external_secrets/values.yaml b/matrix/external_secrets/values.yaml index 9816330f7..52db237c5 100644 --- a/matrix/external_secrets/values.yaml +++ b/matrix/external_secrets/values.yaml @@ -49,3 +49,5 @@ bridges: alertmanager_bitwarden_ID: "" # -- bitwarden id containing secrets for discord bridge discord_bitwarden_ID: "" + # -- bitwarden id containing secrets for RSS feeds bridge + rss_bitwarden_ID: ""