Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

⚠️ MAJOR UPDATE: Feature: add matrix sliding sync and matrix authentication service subcharts #560

Merged
merged 88 commits into from
May 28, 2024

Conversation

jessebot
Copy link
Collaborator

@jessebot jessebot commented May 18, 2024

Changes

  • bumps element version to v1.11.67 and closes Update vectorim/element-web Docker tag to v1.11.67 #562

  • adds some more auto-generated values.yaml docs

  • soft deprecates the synapse.ingress.host parameter, and hard deprecates the synapse.tls.enabled parameter, in favor of proper synapse.ingress.hosts and synapse.ingress.tls parameters. Because of this, matrix.hostname is now required. All in all, this would look like this:

    matrix:
      hostname: my-synapse-hostname.com
    
    synapse:
      enabled: true
      ingress:
        enabled: true
        className: "nginx"
        annotations:
          nginx.ingress.kubernetes.io/configuration-snippet: |
            proxy_intercept_errors off;
          cert-manager.io/cluster-issuer: letsencrypt-staging
        hosts:
          - host: 'my-synapse-hostname.com'
            paths:
              - path: /
                pathType: ImplementationSpecific
        tls:
          - secretName: matrix-tls
            hosts:
              - 'my-synapse-hostname.com'
  • adds web_client_location by default to homeserver.yaml if element.enabled is set to true

  • add matrix.require_auth_for_profile_requests, matrix.limit_profile_requests_to_users_who_share_rooms, matrix.federation_client_minimum_tls_version, and matrix.password_config parameters for the homeserver.yaml

  • sets matrix.federation.enabled and matrix.federation.ingress.enabled to false by default, so that it's opt-in

  • updates all the matrix-org/synapse (archived) URLs in values.yaml docs to element-hq/synapse (fork)

  • element.integrations.enabled is set to false because those are paid features, and they should be opt-in

  • Closes Add support for sliding sync #556 by adding the matrix sliding sync chart as a sub-chart of this chart. This is needed for the new version of Element, currently called element-x during it's beta phase. For more info, please see matrix-org/sliding-sync.

    new syncv3(sliding sync) helm values
    # values for https://github.com/small-hack/matrix-sliding-sync-chart
    # they are called syncv3 because hyphens aren't allowed in gotemplating of subcharts
    # and camelcase is not allowed in kubneretes resources
    syncv3:
      enabled: false
      postgresql:
        # -- Whether to deploy the Bitnami Postgresql sub chart
        # If postgresql.enabled is set to true, externalDatabase.enabled must be set to false
        # else if externalDatabase.enabled is set to true, postgresql.enabled must be set to false
        enabled: true
        persistence:
          enabled: false
        volumePermissions:
          # -- Enable init container that changes the owner and group of the PVC
          enabled: true
        global:
          postgresql:
            # global.postgresql.auth overrides postgresql.auth
            auth:
              # database credentials to use if you don't use an existingSecret
              # -- username of matrix-sliding-sync postgres user
              username: syncv3
              # -- password of matrix-sliding-sync postgres user - ignored using exsitingSecret
              password: changeme
              # -- which port to use to connect to your database server
              port: 5432
              # -- name of the database
              database: syncv3
              # -- Name of existing secret to use for PostgreSQL credentials
              existingSecret: ""
              # secretKeys to grab from existingSecret
              # if postgresql.existingSecret is provided, the following are ignored
              # postgresql.password/username/hostname/database
              secretKeys:
                # -- key in existingSecret with hostname of the database
                databaseHostname: hostname
                # -- key in existingSecret with name of the database
                database: database
                # -- key in existingSecret with username for matrix to connect to db
                databaseUsername: username
                # -- key in existingSecret with password for matrix to connect to db
                userPasswordKey: password
                # -- key in existingSecret with the admin postgresql password
                adminPasswordKey: postgresPassword
    
      externalDatabase:
        # -- enable using an external database *instead of* the Bitnami PostgreSQL sub-chart
        # if externalDatabase.enabled is set to true, postgresql.enabled must be set to false
        enabled: false
        # optional SSL parameters for postgresql, if using your own db instead of the subchart
        # ref: https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-PARAMKEYWORDS
        # -- sslmode to use, example: verify-full
        sslmode: ""
        # make sure any paths here are reflected in synapse.extraVolumes and synapse.extraVolumeMounts
        # -- optional: tls/ssl root cert for postgresql connections
        sslrootcert: ""
        # -- optional: tls/ssl cert for postgresql connections
        sslcert: ""
        # -- optional: tls/ssl key for postgresql connections
        sslkey: ""
        # database credentials to use if you don't use an existingSecret
        # -- username of matrix-sliding-sync postgres user
        username: syncv3
        # -- password of matrix-sliding-sync postgres user - ignored using exsitingSecret
        password: changeme
        # -- which port to use to connect to your database server
        port: 5432
        # -- hostname of db server. Can be left blank if using postgres subchart
        hostname: ""
        # -- name of the database to try and connect to
        database: "syncv3"
        # -- Name of existing secret to use for PostgreSQL credentials
        existingSecret: ""
        # if externalDatabase.existingSecret is provided, the following are ignored
        # password, username, hostname, database
        # secretKeys to grab from existingSecret
        secretKeys:
          # -- key in existingSecret with hostname of the database
          databaseHostname: hostname
          # -- key in existingSecret with name of the database
          database: database
          # -- key in existingSecret with username for matrix to connect to db
          databaseUsername: username
          # -- key in existingSecret with password for matrix to connect to db
          userPasswordKey: password
          # -- key in existingSecret with the admin postgresql password
          adminPasswordKey: postgresPassword
    
      syncv3:
        # -- existing kubernetes secret for ALL syncv3 env vars listed below. if set, ignores all values below, everything under syncv3 including syncvc.otlp.
        existingSecret: ""
        # -- SYNCV3_SERVER - Required. The destination homeserver to talk to (CS API HTTPS URL) e.g 'https://matrix-client.matrix.org' (Supports unix socket: /path/to/socket)
        server: ""
        # -- SYNCV3_SECRET - Required. A secret to use to encrypt access tokens. Must remain the same for the lifetime of the database. If both syncv3.secret and syncv3.existingSecret are not set, we will autogenerate this value
        secret: ""
        # -- SYNCV3_BINDADDR - The interface and port to listen on. (Supports unix socket: /path/to/socket)
        bindaddr: "0.0.0.0:8008"
        # -- SYNCV3_TLS_CERT - Default: unset. Path to a certificate file to serve to HTTPS clients. Specifying this enables TLS on the bound address.
        tlsCert: ""
        # -- SYNCV3_TLS_KEY - Default: unset. Path to a key file for the certificate. Must be provided along with the certificate file.
        tlsKey: ""
        # -- SYNCV3_PPROF - Default: unset. The bind addr for pprof debugging e.g ':6060'. If not set, does not listen.
        pprof: ""
        # -- SYNCV3_PROM - Default: unset. The bind addr for Prometheus metrics, which will be accessible at /metrics at this address.
        prom: ""
        otlp:
          # -- SYNCV3_OTLP_URL - Default: unset. The OTLP HTTP URL to send spans to e.g https://localhost:4318 - if unset does not send OTLP traces.
          url: ""
          # -- SYNCV3_OTLP_USERNAME - Default: unset. The OTLP username for Basic auth. If unset, does not send an Authorization header.
          username: ""
          # -- SYNCV3_OTLP_PASSWORD - Default: unset. The OTLP password for Basic auth. If unset, does not send an Authorization header.
          password: ""
          existingSecret: ""
    
        # -- SYNCV3_SENTRY_DSN - Default: unset. The Sentry DSN to report events to e.g https://[email protected]/123 - if unset does not send sentry events.
        sentryDsn: ""
        # -- SYNCV3_LOG_LEVEL - The level of verbosity for messages logged. Available values are trace, debug, info, warn, error and fatal
        logLevel: "info"
        # -- SYNCV3_MAX_DB_CONN - Default: unset. Max database connections to use when communicating with postgres. Unset or 0 means no limit.
        maxDbConn: ""
  • Also adds a section to the README explaining how to return the correct json for requests to https://matrix.example.com/.well-known/matrix/client by using matrix.extra_well_known_client_content:

    matrix:
      extra_well_known_client_content:
         "org.matrix.msc3575.proxy":
           "url": "https://your-sliding-sync-hostname.com"
  • Closes MAS - matrix authentication service helm sub-chart needed #561
    a picture with a stick figure illustrating that traffic goes from the client, a stick figure, 1. who sends a message with the token to synapse, which then 2. asks the matrix auth service who is this for? 3. matrix auth service then replies to synapse and says it's for John Doe adds the matrix authentication service chart as a sub-chart of this chart which implements msc3861 which you can read more about in this blog post by matrix.org. This is needed for the new version of Element, currently called element-x during it's beta phase. For more info, please see matrix-org/matrix-authentication-service. Includes two new values.yaml sections:matrix.experimental_features.msc3861, and mas.

    new mas helm values
    mas:
      enabled: false
      # PostgreSQL Database configuration for matrix Authentication Service, for more options:
      # https://github.com/bitnami/charts/tree/main/bitnami/postgresql
      postgresql:
        # -- Whether to deploy the Bitnami Postgresql sub chart
        # If postgresql.enabled is set to true, externalDatabase.enabled must be set to false
        # else if externalDatabase.enabled is set to true, postgresql.enabled must be set to false
        enabled: true
        # persistence:
        #   enabled: false
        volumePermissions:
          # -- Enable init container that changes the owner and group of the PVC
          enabled: true
    
        tls:
          # -- Enable TLS traffic support for postgresql, see [bitnami/charts/postgresql#securing-traffic-using-tls](https://github.com/bitnami/charts/tree/main/bitnami/postgresql#securing-traffic-using-tls)
          enabled: false
          # -- Generate automatically self-signed TLS certificates
          autoGenerated: false
          # -- Whether to use the server's TLS cipher preferences rather than the client's
          preferServerCiphers: true
          # -- Name of an existing secret that contains the certificates
          certificatesSecret: ""
          # -- Certificate filename
          certFilename: ""
          # -- Certificate key filename
          certKeyFilename: ""
          # -- CA Certificate filename
          certCAFilename: ""
          # -- File containing a Certificate Revocation List
          crlFilename: ""
    
        global:
          postgresql:
            # global.postgresql.auth overrides postgresql.auth
            auth:
              # database credentials to use if you don't use an existingSecret
              # -- username of matrix-authentication-service postgres user
              username: mas
              # -- password of matrix-authentication-service postgres user - ignored using exsitingSecret
              password: changeme
              # -- which port to use to connect to your database server
              port: 5432
              # -- name of the database
              database: mas
              # -- Name of existing secret to use for PostgreSQL credentials
              existingSecret: ""
              # secretKeys to grab from existingSecret
              # if postgresql.existingSecret is provided, the following are ignored
              # postgresql.password/username/hostname/database
              secretKeys:
                # -- key in existingSecret with hostname of the database
                databaseHostname: hostname
                # -- key in existingSecret with name of the database
                database: database
                # -- key in existingSecret with username for matrix-authentication-service to connect to db
                databaseUsername: username
                # -- key in existingSecret with password for matrix-authentication-service to connect to db
                userPasswordKey: password
                # -- key in existingSecret with the admin postgresql password
                adminPasswordKey: postgresPassword
    
        # primary database node config
        primary:
          # -- run the scripts in templates/postgresql/initdb-configmap.yaml
          # If using an external Postgres server, make sure to configure the database
          # ref: https://github.com/matrix-org/synapse/blob/master/docs/postgres.md
          initdb:
            scriptsConfigMap: "{{ .Release.Name }}-postgresql-initdb"
    
          podSecurityContext:
            enabled: true
            runAsUser: 1000
            fsGroup: 1000
    
      # matrix authentication external database settings
      externalDatabase:
        # -- enable using an external database *instead of* the Bitnami PostgreSQL sub-chart
        # if externalDatabase.enabled is set to true, postgresql.enabled must be set to false
        enabled: false
        # optional SSL parameters for postgresql, if using your own db instead of the subchart
        # ref: https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-PARAMKEYWORDS
        # -- sslmode to use, example: verify-full
        sslmode: ""
        # make sure any paths here are reflected in matrixAuthenticationService.extraVolumes and matrixAuthenticationService.extraVolumeMounts
        # -- optional: tls/ssl root cert for postgresql connections
        sslrootcert: ""
        # -- optional: tls/ssl cert for postgresql connections
        sslcert: ""
        # -- optional: tls/ssl key for postgresql connections
        sslkey: ""
        # database credentials to use if you don't use an existingSecret
        # -- username of matrix-authentication-service postgres user
        username: mas
        # -- password of matrix-authentication-service postgres user - ignored using exsitingSecret
        password: changeme
        # -- which port to use to connect to your database server
        port: 5432
        # -- hostname of db server. Can be left blank if using postgres subchart
        hostname: ""
        # -- name of the database to try and connect to
        database: "mas"
        # -- Name of existing secret to use for PostgreSQL credentials
        existingSecret: ""
        # if externalDatabase.existingSecret is provided, the following are ignored
        # password, username, hostname, database
        # secretKeys to grab from existingSecret
        secretKeys:
          # -- key in existingSecret with hostname of the database
          databaseHostname: hostname
          # -- key in existingSecret with name of the database
          database: database
          # -- key in existingSecret with username for matrix to connect to db
          databaseUsername: username
          # -- key in existingSecret with password for matrix to connect to db
          userPasswordKey: password
          # -- key in existingSecret with the admin postgresql password
          adminPasswordKey: postgresPassword
    
      networkPolicies:
        enabled: true
    
      # this is for storing your matrix authentication service config file
      configVolume:
        # -- name of an existing persistent volume claim to use for matrix-authentication-service config. If provided, ignores mas parameter map
        existingClaim: ""
        # -- name of storage class for the persistent volume
        storageClassName: "default"
        # -- storage capacity for creating a persistent volume
        storage: "500Mi"
    
      # this stands for Matrix Authentication Service
      mas:
        masClientSecret:
          # -- use an existing secret for clients section of config.yaml for:
          # mas.clients[0].client_id, mas.clients[0].client_secret
          # if set, ignores mas.clients[0].client_id, mas.clients[0].client_secret
          existingSecret: ""
    
          secretKeys:
            # -- key in secret with the client_id
            client_id: "client_id"
            # -- key in secret with the client_secret
            client_secret: "client_secret"
    
        # see more info here:  https://matrix-org.github.io/matrix-authentication-service/reference/configuration.html#clients
        clients:
            # -- a unique identifier for the client. It must be a valid ULID, and it happens that 0000000000000000000SYNAPSE is a valid ULID.
          - client_id: ""
            # -- set to client_secret_basic. Other methods are possible, such as client_secret_post, but this is the easiest to set up.
            client_auth_method: client_secret_basic
            # -- a shared secret used for the homeserver to authenticate
            client_secret: ""
    
        matrix:
          # -- name of your matrix home server (synapse or dendrite) with port if needed
          homeserver: "localhost:8008"
          # -- a shared secret the service will use to call the homeserver admin API
          secret: "test"
          # -- endpoint of your matrix home server (synapse or dendrite) with port if needed
          endpoint: "https://localhost:8008"
          # -- grab the above secret from an existing k8s secret. if set, ignores mas.matrix.secret
          existingSecret: ""
          # -- name of the key in existing secret to grab matrix.secret from
          secretKey: "secret"
    
        policy:
          data:
            # -- Users which are allowed to ask for admin access. If possible, use the
            # can_request_admin flag on users instead.
            admin_users: []
            #  - person1
            #  - person2
    
            # -- Client IDs which are allowed to ask for admin access with a
            # client_credentials grant
            admin_clients: []
            #  - 01H8PKNWKKRPCBW4YGH1RWV279
            #  - 01HWQCPA5KF10FNCETY9402WGF
    
            # Dynamic Client Registration
            client_registration:
              # -- don't require URIs to be on the same host. default: false
              allow_host_mismatch: true
              # -- allow non-SSL and localhost URIs. default: false
              allow_insecure_uris: true
    
            # Registration using passwords
            passwords:
              # -- minimum length of a password. default: 0
              min_length: 16
              # -- require at least one lowercase character in a password. default: false
              require_lowercase: true
              # -- require at least one uppercase character in a password. default: false
              require_uppercase: true
              # -- require at least one number in a password. default: false
              require_number: true
    
        # see: https://matrix-org.github.io/matrix-authentication-service/setup/sso.html?highlight=ulid#general-configuration
        # and also see: https://matrix-org.github.io/matrix-authentication-service/setup/sso.html#keycloak
        upstream_oauth2:
    
          # -- use an existing k8s secret for upstream oauth2 client_id and client_secret
          existingSecret: ""
          secretKeys:
            # -- key in secret with the issuer
            issuer: "issuer"
            # -- key in secret with the client_id
            client_id: "client_id"
            # -- key in secret with the client_secret
            client_secret: "client_secret"
            # -- key in secret with the authorization_endpoint if discovery is disabled
            authorization_endpoint: ""
            # -- key in secret with the token_endpoint if discovery is disabled
            token_endpoint: ""
            # -- key in secret with the userinfo_endpoint if discovery is disabled
            userinfo_endpoint: ""
    
          # only one provider supported at this time, but if you want more, feel free to submit a PR
          providers:
            # -- A unique identifier for the provider
            # Must be a valid ULID, and can be generated using online tools like:
            # https://www.ulidtools.com
            - id: ""
    
              # -- The issuer URL, which will be used to discover the provider's configuration.
              # If discovery is enabled, this *must* exactly match the `issuer` field
              # advertised in `<issuer>/.well-known/openid-configuration`.
              issuer: https://example.com/
    
              # -- A human-readable name for the provider, which will be displayed on the login page
              human_name: Example
    
              # -- A brand identifier for the provider, which will be used to display a logo
              # on the login page. Values supported by the default template are:
              #  - `apple`
              #  - `google`
              #  - `facebook`
              #  - `github`
              #  - `gitlab`
              #  - `twitter`
              brand_name: zitadel
    
              # -- The client ID to use to authenticate to the provider
              client_id: ""
    
              # -- The client secret to use to authenticate to the provider
              # This is only used by the `client_secret_post`, `client_secret_basic`
              # and `client_secret_jwk` authentication methods
              client_secret: ""
    
              # -- Which authentication method to use to authenticate to the provider
              # Supported methods are:
              #   - `none`
              #   - `client_secret_basic`
              #   - `client_secret_post`
              #   - `client_secret_jwt`
              #   - `private_key_jwt` (using the keys defined in the `secrets.keys` section)
              token_endpoint_auth_method: client_secret_basic
    
              # -- Which signing algorithm to use to sign the authentication request when using
              # the `private_key_jwt` or the `client_secret_jwt` authentication methods
              # token_endpoint_auth_signing_alg: RS256
    
              # -- The scopes to request from the provider
              # In most cases, it should always include `openid` scope
              scope: "openid email profile"
    
              # How the provider configuration and endpoints should be discovered
              # Possible values are:
              #  - `oidc`: discover the provider through OIDC discovery,
              #     with strict metadata validation (default)
              #  - `insecure`: discover through OIDC discovery, but skip metadata validation
              #  - `disabled`: don't discover the provider and use the endpoints below
              # discovery_mode: oidc
    
              # -- Whether PKCE should be used during the authorization code flow.
              # Possible values are:
              #  - `auto`: use PKCE if the provider supports it (default)
              #    Determined through discovery, and disabled if discovery is disabled
              #  - `always`: always use PKCE (with the S256 method)
              #  - `never`: never use PKCE
              pkce_method: auto
    
              # -- The provider authorization endpoint
              # This takes precedence over the discovery mechanism
              authorization_endpoint: https://example.com/oauth2/authorize
    
              # The provider token endpoint
              # This takes precedence over the discovery mechanism
              # token_endpoint: https://example.com/oauth2/token
    
              # The provider JWKS URI
              # This takes precedence over the discovery mechanism
              # jwks_uri: https://example.com/oauth2/keys
    
              # How user attributes should be mapped
              #
              # Most of those attributes have two main properties:
              #   - `action`: what to do with the attribute. Possible values are:
              #      - `ignore`: ignore the attribute
              #      - `suggest`: suggest the attribute to the user, but let them opt out
              #      - `force`: always import the attribute, and don't fail if it's missing
              #      - `require`: always import the attribute, and fail if it's missing
              #   - `template`: a Jinja2 template used to generate the value. In this template,
              #      the `user` variable is available, which contains the user's attributes
              #      retrieved from the `id_token` given by the upstream provider.
              #
              # Each attribute has a default template which follows the well-known OIDC claims.
              #
              claims_imports:
                # -- The subject is an internal identifier used to link the
                # user's provider identity to local accounts.
                # By default it uses the `sub` claim as per the OIDC spec,
                # which should fit most use cases.
                subject:
                  template: "{{ user.sub }}"
    
                # -- The localpart is the local part of the user's Matrix ID.
                # For example, on the `example.com` server, if the localpart is `alice`,
                #  the user's Matrix ID will be `@alice:example.com`.
                localpart:
                  action: require
                  template: "{{ user.preferred_username }}"
    
                # -- The display name is the user's display name.
                displayname:
                  action: suggest
                  template: "{{ user.name }}"
    
                # -- An email address to import.
                email:
                  action: suggest
                  template: "{{ user.email }}"
                  # -- Whether the email address must be marked as verified.
                  # Possible values are:
                  #  - `import`: mark the email address as verified if the upstream provider
                  #     has marked it as verified, using the `email_verified` claim.
                  #     This is the default.
                  #   - `always`: mark the email address as verified
                  #   - `never`: mark the email address as not verified
                  set_email_verification: always
    new matrix.experimental_features.msc3861 helm values
    matrix:
      # -- use an existing secret for all msc3861 (matrix authentication service) related values
      # if set, all other msc3861 values are ignored (issuer, client_id,
      # client_auth_method, client_secret, admin_token, account_management_url)
      msc3861ExistingSecret: ""
    
      msc3861SecretKeys:
        # -- secret key to use in existing secret for masc3861 issuer
        issuer: ""
        # -- secret key to use in existing secret for masc3861 client id
        client_id: ""
        # -- secret key to use in existing secret for masc3861 client secret
        client_secret: ""
        # -- secret key to use in existing secret for masc3861 admin_token
        admin_token: ""
        # -- secret key to use in existing secret for masc3861 account_management_url
        account_management_url: ""
    
      experimental_features:
        msc3861:
          # -- experimental_feature msc3861 - enable this if you want to use the matrix authentication service
          # Likely needed if using OIDC on synapse and you want to allow usage of Element-X (the beta of element)
          # See: [Matrix authentication service home server docs](https://matrix-org.github.io/matrix-authentication-service/setup/homeserver.html#configure-the-homeserver-to-delegate-authentication-to-the-service), [full matrix authentication service docs](https://matrix-org.github.io/matrix-authentication-service/index.html), and [issue#1915](https://github.com/element-hq/element-meta/issues/1915#issuecomment-2119297748) where this is being discussed
          enabled: false
    
          # -- Synapse will call `{issuer}/.well-known/openid-configuration` to get the OIDC configuration
          issuer: http://localhost:8080/
    
          # -- Matches the `mas.mas.clients[0].client_id` in the auth service config
          client_id: 0000000000000000000SYNAPSE
    
          # -- Matches the `client_auth_method` in the auth service config
          client_auth_method: client_secret_basic
    
          # -- Matches the `mas.mas.clients[0].client_secret` in the auth service config
          client_secret: "SomeRandomSecret"
    
          # -- Matches the `mas.mas.matrix.secret` in the auth service config
          admin_token: "AnotherRandomSecret"
    
          # -- URL to advertise to clients where users can self-manage their account
          account_management_url: "http://localhost:8080/account"

@jessebot jessebot self-assigned this May 18, 2024
@jessebot jessebot added the enhancement New feature or request label May 18, 2024
@jessebot jessebot changed the title add matrix sliding sync subchart Feature: add matrix sliding sync subchart May 18, 2024
@jessebot jessebot requested a review from cloudymax May 19, 2024 15:14
@jessebot jessebot changed the title Feature: add matrix sliding sync subchart Feature: add matrix sliding sync and matrix authentication service subcharts May 22, 2024
@jessebot jessebot marked this pull request as ready for review May 28, 2024 08:50
@jessebot jessebot changed the title Feature: add matrix sliding sync and matrix authentication service subcharts ⚠️ MAJOR UPDATE: Feature: add matrix sliding sync and matrix authentication service subcharts May 28, 2024
@jessebot jessebot merged commit d1713d5 into main May 28, 2024
3 checks passed
@jessebot jessebot deleted the add-sliding-sync-subchart branch May 28, 2024 08:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

MAS - matrix authentication service helm sub-chart needed Add support for sliding sync
2 participants