Setting up Group Sync

See how to download example files from the helm chart here.

Configuration

For a quick setup using the default settings, merge the file from charts/matrix-stack/ci/fragments/groupsync-minimal.yaml to hostnames.yaml in your ESS configuration values directory and edit the hostnames accordingly.

Configuring a postgresql database

If you want to use an external postgresql database, merge 2 files to postgresql.yaml:

charts/matrix-stack/ci/fragments/group-sync-test-postgres.yaml
charts/matrix-stack/ci/fragments/group-sync-test-postgres-secrets-in-helm.yaml or charts/matrix-stack/ci/fragments/group-sync-test-postgres-secrets-externally.yaml

Edit the values accordingly.

Configuring with SCIM bridging

To use GroupSync SCIM bridging, it is required either :

To configure a GroupSync Ingress. You can use the example from charts/matrix-stack/ci/fragments/group-sync-ingress.yaml. The SCIM endpoint will be available at the root of GroupSync hostname.
To use existing Synapse ingress. If Synapse and GroupSync are deployed in the same chart release, a path /scim/v2 will be available at the root of Synapse Ingress.

Configuring GroupSync synchronization

If LDAP is configured under authentication.ldap, GroupSync will use the 1st provider of the list as its own LDAP source provider.

If you want to configure the LDAP provider manually, you can configure it using groupSync.additional property. See Group Sync Overview to see how you can configure it.