- Add upstream_oauth2_config with Authentik provider credentials
- Configure OIDC with client_id and client_secret from Authentik
- Disable local password authentication (OIDC-only login)
- Set claims mapping: subject, localpart, displayname, email

This enables users to log in via the Authentik OIDC provider with email
and username claims properly mapped for Matrix user provisioning.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

The config.json was truncated and had unclosed brackets. This prevented
Helm from properly merging the ElementWeb configuration, so the custom themes
were never loaded into the cluster.

This fix:
- Closes the unclosed JSON brackets
- Validates the full JSON structure
- Removes duplicate/extra closing brackets
- Ensures all 6 custom themes are properly included

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

Add coturn Deployment with hostNetwork mode and init container for secret substitution. Include SOPS-encrypted shared secret, TLS certificate for turn.axion1337.chat, and Synapse TURN configuration with proper relay URIs and credentials.
Resolves DTLS timeout issues in RTC video calls by providing media relay for clients behind NAT/Firewall.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

- Allow all users to publish public rooms in room list
- Fixes 403 'Not allowed to publish room' error
- Applies to rooms with join_rule: public

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

- Rename property from auto-join-rooms to auto_join (underscore instead of dash)
- Keep YAML structure with embedded config

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>

- Use simpler property name 'retention' instead of 'retention-config'
- Helm Chart schema may not allow 'retention-config' naming convention

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>