values.yaml

# Default values for mautrix-googlechat.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.

replicaCount: 1

strategy:
  type: Recreate
  rollingUpdates: null

image:
  repository: dock.mau.dev/mautrix/googlechat
  tag: "{{ .Chart.AppVersion }}"
  pullPolicy: Always

imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""

serviceAccount:
  # Specifies whether a service account should be created
  create: true
  # Annotations to add to the service account
  annotations: {}
  # The name of the service account to use.
  # If not set and create is true, a name is generated using the fullname template
  name:

podSecurityContext:
  fsGroup: 1000

securityContext:
  runAsUser: 1000
  runAsGroup: 1000
  # privileged: true
  # capabilities:
  #   drop:
  #   - ALL
  # readOnlyRootFilesystem: true
  # runAsNonRoot: true
  # runAsUser: 1000

service:
  externalTrafficPolicy:
  type: ClusterIP
probes:
  liveness:
    failureThreshold: 5
    periodSeconds: 10
  readiness:
    failureThreshold: 5
    periodSeconds: 10
  startup:
    initialDelaySeconds: 5
    failureThreshold: 30
    periodSeconds: 10

ingress:
  enabled: false
  ## ingress.ingressClassName -- Support for ingress class name that was introduced in kubernetes 1.19
  ingressClassName:
  annotations:
    {}
    # kubernetes.io/ingress.class: nginx
    # kubernetes.io/tls-acme: "true"
  hosts:
    - host: chart-example.local
      paths: []

  tls: []
  #  - secretName: chart-example-tls
  #    hosts:
  #      - chart-example.local

resources:
  {}
  # We usually recommend not to specify default resources and to leave this as a conscious
  # choice for the user. This also increases chances charts run on environments with little
  # resources, such as Minikube. If you do want to specify resources, uncomment the following
  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
  # limits:
  #   cpu: 100m
  #   memory: 128Mi
  # requests:
  #   cpu: 100m
  #   memory: 128Mi

nodeSelector: {}

tolerations: []

affinity: {}

podAnnotations: {}

deploymentAnnotations: {}

config:
  # Homeserver details
  homeserver:
      # The address that this appservice can use to connect to the homeserver.
      address: https://example.com
      # The domain of the homeserver (for MXIDs, etc).
      domain: example.com
      # Whether or not to verify the SSL certificate of the homeserver.
      # Only applies if address starts with https://
      verify_ssl: true
      asmux: false
      # Number of retries for all HTTP requests if the homeserver isn't reachable.
      http_retry_count: 4
      # The URL to push real-time bridge status to.
      # If set, the bridge will make POST requests to this URL whenever a user's Google caht connection state changes.
      # The bridge will use the appservice as_token to authorize requests.
      status_endpoint: null
      # Endpoint for reporting per-message status.
      message_send_checkpoint_endpoint: null
      # Whether asynchronous uploads via MSC2246 should be enabled for media.
      # Requires a media repo that supports MSC2246.
      async_media: false
  # Application service host/registration related details
  # Changing these values requires regeneration of the registration.
  appservice:
    # The address that the homeserver can use to connect to this appservice.
    address: http://localhost:29320

    # The hostname and port where this appservice should listen.
    hostname: 0.0.0.0
    port: 29320
    # The maximum body size of appservice API requests (from the homeserver) in mebibytes
    # Usually 1 is enough, but on high-traffic bridges you might need to increase this to avoid 413s
    max_body_size: 1

    # The full URI to the database. Only Postgres is currently supported.
    database: postgres://username:password@hostname/db
    # Additional arguments for asyncpg.create_pool()
    # https://magicstack.github.io/asyncpg/current/api/index.html#asyncpg.pool.create_pool
    database_opts:
      min_size: 5
      max_size: 10

    # The unique ID of this appservice.
    id: googlechat
    # Username of the appservice bot.
    bot_username: googlechatbot
    # Display name and avatar for bot. Set to "remove" to remove display name/avatar, leave empty
    # to leave display name/avatar as-is.
    bot_displayname: Google Chat bridge bot
    bot_avatar: mxc://maunium.net/BDIWAQcbpPGASPUUBuEGWXnQ

    # Whether or not to receive ephemeral events via appservice transactions.
    # Requires MSC2409 support (i.e. Synapse 1.22+).
    # You should disable bridge -> sync_with_custom_puppets when this is enabled.
    ephemeral_events: false

    # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify.
    as_token: ""
    hs_token: ""

  hangouts:
    # Device name shown in Google account settings
    device_name: Mautrix-Google Chat bridge

  # Prometheus telemetry config. Requires prometheus-client to be installed.
  metrics:
    enabled: true
    listen_port: 8000

# Manhole config.
  manhole:
    # Whether or not opening the manhole is allowed.
    enabled: false
    # The path for the unix socket.
    path: /var/tmp/mautrix-googlechat.manhole
    # The list of UIDs who can be added to the whitelist.
    # If empty, any UIDs can be specified in the open-manhole command.
    whitelist:
    - 0

  # Bridge config
  bridge:
    # Localpart template of MXIDs for Google Chat users.
    # {userid} is replaced with the user ID of the Google Chat user.
    username_template: "googlechat_{userid}"
    # Displayname template for Google Chat users.
    # {full_name}, {first_name}, {last_name} and {email} are replaced with names.
    displayname_template: "{full_name} (Google Chat)"

    # The prefix for commands. Only required in non-management rooms.
    command_prefix: "!gc"

    # Number of chats to sync (and create portals for) on startup/#.
    # Set 0 to disable automatic syncing.
    initial_chat_sync: 10
    # Whether or not the Google Chat users of logged in Matrix users should be
    # invited to private chats when the user sends a message from another client.
    invite_own_puppet_to_pm: false
    # Whether or not to use /sync to get presence, read receipts and typing notifications
    # when double puppeting is enabled
    sync_with_custom_puppets: false
    # Whether or not to update the m.direct account data event when double puppeting is enabled.
    # Note that updating the m.direct event is not atomic (except with mautrix-asmux)
    # and is therefore prone to race conditions.
    sync_direct_chat_list: false
    # Servers to always allow double puppeting from
    double_puppet_server_map:
      example.com: https://example.com
    # Allow using double puppeting from any server with a valid client .well-known file.
    double_puppet_allow_discovery: false
    # Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth
    #
    # If set, custom puppets will be enabled automatically for local users
    # instead of users having to find an access token and run `login-matrix`
    # manually.
    # If using this for other servers than the bridge's server,
    # you must also set the URL in the double_puppet_server_map.
    login_shared_secret_map:
      example.com: foobar
    # Whether or not to update avatars when syncing all contacts at startup.
    update_avatar_initial_sync: true
    # End-to-bridge encryption support options.
    #
    # See https://docs.mau.fi/bridges/general/end-to-bridge-encryption.html for more info.
    encryption:
      # Allow encryption, work in group chat rooms with e2ee enabled
      allow: false
      # Default to encryption, force-enable encryption in all portals the bridge creates
      # This will cause the bridge bot to be in private chats for the encryption to work properly.
      default: false
      # Require encryption, drop any unencrypted messages.
      require: false
      # Enable key sharing? If enabled, key requests for rooms where users are in will be fulfilled.
      # You must use a client that supports requesting keys from other users to use this feature.
      allow_key_sharing: false
      # What level of device verification should be required from users?
      #
      # Valid levels:
      #   unverified - Send keys to all device in the room.
      #   cross-signed-untrusted - Require valid cross-signing, but trust all cross-signing keys.
      #   cross-signed-tofu - Require valid cross-signing, trust cross-signing keys on first use (and reject changes).
      #   cross-signed-verified - Require valid cross-signing, plus a valid user signature from the bridge bot.
      #                           Note that creating user signatures from the bridge bot is not currently possible.
      #   verified - Require manual per-device verification
      #              (currently only possible by modifying the `trust` column in the `crypto_device` database table).
      verification_levels:
          # Minimum level for which the bridge should send keys to when bridging messages from Telegram to Matrix.
          receive: unverified
          # Minimum level that the bridge should accept for incoming Matrix messages.
          send: unverified
          # Minimum level that the bridge should require for accepting key requests.
          share: cross-signed-tofu
      # Options for Megolm room key rotation. These options allow you to
      # configure the m.room.encryption event content. See:
      # https://spec.matrix.org/v1.3/client-server-api/#mroomencryption for
      # more information about that event.
      rotation:
          # Enable custom Megolm room key rotation settings. Note that these
          # settings will only apply to rooms created after this option is
          # set.
          enable_custom: false
          # The maximum number of milliseconds a session should be used
          # before changing it. The Matrix spec recommends 604800000 (a week)
          # as the default.
          milliseconds: 604800000
          # The maximum number of messages that should be sent with a given a
          # session before changing it. The Matrix spec recommends 100 as the
          # default.
          messages: 100

    # Whether or not the bridge should send a read receipt from the bridge bot when a message has
    # been sent to Google Chat.
    delivery_receipts: false
    # Whether or not delivery errors should be reported as messages in the Matrix room.
    delivery_error_reports: true
    # Whether the bridge should send the message status as a custom com.beeper.message_send_status event.
    message_status_events: false
    # Whether or not created rooms should have federation enabled.
    # If false, created portal rooms will never be federated.
    federate_rooms: true
    # Settings for backfilling messages from Google Chat.
    backfill:
      # Whether or not the Google Chat users of logged in Matrix users should be
      # invited to private chats when backfilling history from Google Chat. This is
      # usually needed to prevent rate limits and to allow timestamp massaging.
      invite_own_puppet: true
      # Number of threads to backfill in threaded spaces in initial backfill.
      initial_thread_limit: 10
      # Number of replies to backfill in each thread in initial backfill.
      initial_thread_reply_limit: 500
      # Number of messages to backfill in non-threaded spaces and DMs in initial backfill.
      initial_nonthread_limit: 100
      # Number of events to backfill in catchup backfill.
      missed_event_limit: 5000
      # How many events to request from Google Chat at once in catchup backfill?
      missed_event_page_size: 100
      # If using double puppeting, should notifications be disabled
      # while the initial backfill is in progress?
      disable_notifications: false

    # Set this to true to tell the bridge to re-send m.bridge events to all rooms on the next run.
    # This field will automatically be changed back to false after it,
    # except if the config file is not writable.
    resend_bridge_info: false
    # Whether or not unimportant bridge notices should be sent to the bridge notice room.
    unimportant_bridge_notices: false
    # Whether or not bridge notices should be disabled entirely.
    disable_bridge_notices: false

    provisioning:
        # Internal prefix in the appservice web server for the login endpoints.
        prefix: /_matrix/provision
        # Shared secret for integration managers such as mautrix-manager.
        # If set to "generate", a random string will be generated on the next startup.
        # If null, integration manager access to the API will not be possible.
        shared_secret: generate

    # Permissions for using the bridge.
    # Permitted values:
    #       user - Use the bridge with puppeting.
    #      admin - Use and administrate the bridge.
    # Permitted keys:
    #        * - All Matrix users
    #   domain - All users on that homeserver
    #     mxid - Specific user
    permissions:
      {}
      #"example.com": "user"
      #"@admin:example.com": "admin"

  # Python logging configuration.
  #
  # See section 16.7.2 of the Python documentation for more info:
  # https://docs.python.org/3.6/library/logging.config.html#configuration-dictionary-schema
  logging:
    version: 1
    formatters:
      colored:
        (): mautrix_googlechat.util.ColorFormatter
        format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
      normal:
        format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
    handlers:
      console:
        class: logging.StreamHandler
        formatter: colored
    loggers:
      mau:
        level: DEBUG
        maugclib:
          level: INFO
        aiohttp:
          level: INFO
    root:
      level: DEBUG
      handlers: [console]

registration:
  id: googlechat
  as_token:
  hs_token:
  namespaces:
    users:
      - exclusive: true
        regex: "@googlechat_.+:example.org"
        group_id: googlechat:example.org
  url: http://{{ include "mautrix-googlechat.fullname" . }}:29320
  sender_localpart: googlechatbot
  rate_limited: false