groups:
- name: Container Image
description: Image to be used for container
- name: General Settings
description: General Deployment Settings
- name: App Configuration
description: App Specific Config Options
- name: Networking and Services
description: Configure Network and Services for Container
- name: Storage and Persistence
description: Persist and Share Data that is Separate from the Container
- name: Ingress
description: Ingress Configuration
- name: Security and Permissions
description: Configure Security Context and Permissions
- name: Resources and Devices
description: "Specify Resources/Devices to be Allocated to Workload"
- name: Middlewares
description: Traefik Middlewares
- name: Metrics
description: Metrics
- name: VPN
description: VPN
- name: Addons
description: Addon Configuration
- name: Advanced
description: Advanced Configuration
- name: Documentation
description: Documentation
portals:
open:
protocols:
- "$kubernetes-resource_configmap_portal_protocol"
host:
- "$kubernetes-resource_configmap_portal_host"
ports:
- "$kubernetes-resource_configmap_portal_port"
path: "/guacamole"
questions:
- variable: global
label: Global Settings
group: "General Settings"
schema:
type: dict
hidden: true
attrs:
- variable: isSCALE
label: Flag this is SCALE
schema:
type: boolean
default: true
hidden: true
- variable: controller
group: "General Settings"
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: replicas
description: Number of desired pod replicas
label: Desired Replicas
schema:
type: int
required: true
default: 1
- variable: customextraargs
group: "General Settings"
label: "Extra Args"
description: "Do not click this unless you know what you are doing"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: extraArgs
label: Extra Args
schema:
type: list
default: []
items:
- variable: arg
label: Arg
schema:
type: string
- variable: env
group: "App Configuration"
label: "Image Environment"
schema:
additional_attrs: true
type: dict
attrs:
- variable: GUACD_HOSTNAME
label: "Guacd Hostname"
description: "The hostname of the guacd instance to use to establish remote desktop connections"
schema:
type: string
required: true
default: ""
- variable: GUACD_PORT
label: "Guacd Port"
description: "The port that Guacamole should use when connecting to guacd"
schema:
type: int
required: true
default: 4822
- variable: general
group: "App Configuration"
label: "General Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: EXTENSION_PRIORITY
label: "Extension Priority (Leave blank for default)"
description: "A comma-separated list of the namespaces of all extensions that should be loaded in a specific order"
schema:
type: string
default: ""
- variable: api
group: "App Configuration"
label: "API Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: API_SESSION_TIMEOUT
label: "API Session Timeout (Leave blank for default)"
schema:
type: string
default: ""
- variable: totp
group: "App Configuration"
label: "TOTP Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: TOTP_ENABLED
label: "Enable TOTP"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: TOTP_ISSUER
label: "TOTP Issuer (Leave blank for default)"
schema:
type: string
default: ""
- variable: TOTP_PERIOD
label: "TOTP Period (Leave blank for default)"
schema:
type: string
default: ""
- variable: TOTP_DIGITS
label: "TOTP Digits"
schema:
type: string
default: ""
enum:
- value: ""
description: "default"
- value: "6"
description: "6"
- value: "7"
description: "7"
- value: "8"
description: "8"
- variable: TOTP_MODE
label: "TOTP Mode"
schema:
type: string
default: ""
enum:
- value: ""
description: "default"
- value: "sha1"
description: "sha1"
- value: "sha256"
description: "sha256"
- value: "sha512"
description: "sha512"
- variable: header
group: "App Configuration"
label: "Header Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: HEADER_ENABLED
label: "Enable Header"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: HTTP_AUTH_HEADER
label: "HTTP Auth Header (Leave blank for default)"
schema:
type: string
default: ""
- variable: json
group: "App Configuration"
label: "JSON Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: json_enabled
label: "Enable JSON"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: JSON_SECRET_KEY
label: "JSON Secret Key"
schema:
type: string
required: true
default: ""
- variable: JSON_TRUSTED_NETWORKS
label: "JSON Trusted Networks (Leave blank for unrestricted"
description: "Comma separated list e.g.: 127.0.0.0/8, 10.0.0.0/8"
schema:
type: string
default: ""
- variable: duo
group: "App Configuration"
label: "DUO Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: duo_enabled
label: "Enable DUO"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: DUO_API_HOSTNAME
label: "DUO API Hostname (api-XXXXXXXX.duosecurity.com)"
schema:
type: string
required: true
default: ""
- variable: DUO_INTEGRATION_KEY
label: "DUO Integration Key (Exactly 20 chars)"
schema:
min_length: 20
max_length: 20
type: string
required: true
default: ""
- variable: DUO_SECRET_KEY
label: "DUO Secret Key (Exactly 40 chars)"
schema:
min_length: 40
max_length: 40
type: string
required: true
default: ""
- variable: DUO_APPLICATION_KEY
label: "DUO Application Key (At least 40 chars)"
schema:
min_length: 40
type: string
required: true
default: ""
- variable: cas
group: "App Configuration"
label: "CAS Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: cas_enabled
label: "Enable CAS"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CAS_AUTHORIZATION_ENDPOINT
label: "CAS Authorization Endpoint"
schema:
type: string
required: true
default: ""
- variable: CAS_REDIRECT_URI
label: "CAS Redirect URI"
schema:
type: string
required: true
default: ""
- variable: CAS_CLEARPASS_KEY
label: "CAS Clearpass Key"
schema:
type: string
default: ""
- variable: CAS_GROUP_ATTRIBUTE
label: "CAS Group Attribute"
schema:
type: string
default: ""
- variable: CAS_GROUP_LDAP_BASE_DN
label: "CAS Group LDAP Base DN"
schema:
type: string
default: ""
- variable: CAS_GROUP_LDAP_ATTRIBUTE
label: "CAS Group LDAP Attribute"
schema:
type: string
default: ""
- variable: CAS_GROUP_FORMAT
label: "CAS Group Format"
schema:
type: string
default: ""
enum:
- value: ""
description: "default"
- value: "plain"
description: "plain"
- value: "ldap"
description: "ldap"
- variable: openid
group: "App Configuration"
label: "OpenID Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: openid_enabled
label: "Enable OpenID"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: OPENID_AUTHORIZATION_ENDPOINT
label: "OpenID Authorization Endpoint"
schema:
type: string
required: true
default: ""
- variable: OPENID_JWKS_ENDPOINT
label: "OpenID JWKS Endpoint"
schema:
type: string
required: true
default: ""
- variable: OPENID_ISSUER
label: "OpenID Issuer"
schema:
type: string
required: true
default: ""
- variable: OPENID_CLIENT_ID
label: "OpenID Client ID"
schema:
type: string
required: true
default: ""
- variable: OPENID_REDIRECT_URI
label: "OpenID Redirect URI"
schema:
type: string
required: true
default: ""
- variable: OPENID_USERNAME_CLAIM_TYPE
label: "OpenID Username Claim Type (Leave blank for default)"
schema:
type: string
default: ""
- variable: OPENID_GROUPS_CLAIM_TYPE
label: "OpenID Groups Claim Type (Leave blank for default)"
schema:
type: string
default: ""
- variable: OPENID_MAX_TOKEN_VALIDITY
label: "OpenID Max Token Validity (Leave blank for default)"
schema:
type: string
default: ""
- variable: radius
group: "App Configuration"
label: "Radius Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: radius_enabled
label: "Enable Radius"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: RADIUS_SHARED_SECRET
label: "Radius Shared Secret"
schema:
type: string
required: true
default: ""
- variable: RADIUS_AUTH_PROTOCOL
label: "Radius Auth Protocol"
schema:
type: string
required: true
default: "eap-tls"
enum:
- value: "pap"
description: "pap"
- value: "chap"
description: "chap"
- value: "mschapv1"
description: "mschapv1"
- value: "mschapv2"
description: "mschapv2"
- value: "eap-md5"
description: "eap-md5"
- value: "eap-tls"
description: "eap-tls"
- value: "eap-ttls"
description: "eap-ttls"
- variable: RADIUS_HOSTNAME
label: "Radius Hostname (Leave blank for default)"
schema:
type: string
default: ""
- variable: RADIUS_AUTH_PORT
label: "Radius Auth Port (Leave blank for default)"
schema:
type: string
default: ""
- variable: RADIUS_KEY_FILE
label: "Radius Key File (Leave blank for default)"
schema:
type: string
default: ""
- variable: RADIUS_KEY_TYPE
label: "Radius Key Type"
schema:
type: string
default: ""
enum:
- value: ""
description: "Default"
- value: "pem"
description: "pem"
- value: "jceks"
description: "jceks"
- value: "jks"
description: "jks"
- value: "pkcs12"
description: "pkcs12"
- variable: RADIUS_KEY_PASSWORD
label: "Radius Key Password (Leave blank if no password)"
schema:
type: string
default: ""
- variable: RADIUS_CA_FILE
label: "Radius CA File (Leave blank for default)"
schema:
type: string
default: ""
- variable: RADIUS_CA_TYPE
label: "Radius CA Type"
schema:
type: string
default: ""
enum:
- value: ""
description: "Default"
- value: "pem"
description: "pem"
- value: "jceks"
description: "jceks"
- value: "jks"
description: "jks"
- value: "pkcs12"
description: "pkcs12"
- variable: RADIUS_CA_PASSWORD
label: "Radius CA Password (Leave blank if no password)"
schema:
type: string
default: ""
- variable: RADIUS_TRUST_ALL
label: "Radius Trust All"
schema:
type: boolean
default: false
- variable: RADIUS_RETRIES
label: "Radius Retries (Leave blank for default)"
schema:
type: string
default: ""
- variable: RADIUS_TIMEOUT
label: "Radius Timeout (Leave blank for default)"
schema:
type: string
default: ""
- variable: RADIUS_EAP_TTLS_INNER_PROTOCOL
label: "Radius eap-ttls Inner Protocol"
description: "Only has effect when RADIUS_AUTH_PROTOCOL is set to eap-ttls"
schema:
type: string
default: "eap-tls"
enum:
- value: "pap"
description: "pap"
- value: "chap"
description: "chap"
- value: "mschapv1"
description: "mschapv1"
- value: "mschapv2"
description: "mschapv2"
- value: "eap-md5"
description: "eap-md5"
- value: "eap-tls"
description: "eap-tls"
- variable: ldap
group: "App Configuration"
label: "LDAP Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: ldap_enabled
label: "Enable LDAP"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: LDAP_HOSTNAME
label: "LDAP Hostname (Leave blank for default)"
schema:
type: string
required: true
default: ""
- variable: LDAP_USER_BASE_DN
label: "LDAP User Base DN"
schema:
type: string
required: true
default: ""
- variable: LDAP_PORT
label: "LDAP Port (Leave blank for default)"
schema:
type: string
default: ""
- variable: LDAP_ENCRYPTION_METHOD
label: "LDAP Encryption Method (Leave blank for default)"
schema:
type: string
default: ""
enum:
- value: ""
description: "Default"
- value: "none"
description: "none"
- value: "ssl"
description: "ssl"
- value: "starttls"
description: "starttls"
- variable: LDAP_MAX_SEARCH_RESULTS
label: "LDAP Max Search Results (Leave blank for default)"
schema:
type: string
default: ""
- variable: LDAP_SEARCH_BIND_DN
label: "LDAP Search Bind DN (Leave blank for default)"
schema:
type: string
default: ""
- variable: LDAP_USER_ATTRIBUTES
label: "LDAP User Attributes"
schema:
type: string
default: ""
- variable: LDAP_SEARCH_BIND_PASSWORD
label: "LDAP Search Bind Password (Leave blank if no password)"
schema:
type: string
default: ""
- variable: LDAP_USERNAME_ATTRIBUTE
label: "LDAP Username Attribute"
schema:
type: string
default: ""
- variable: LDAP_MEMBER_ATTRIBUTE
label: "LDAP Member Attribute"
schema:
type: string
default: ""
- variable: LDAP_USER_SEARCH_FILTER
label: "LDAP User Search Filter (Leave blank for default)"
schema:
type: string
default: ""
- variable: LDAP_CONFIG_BASE_DN
label: "LDAP Config Base DN"
schema:
type: string
default: ""
- variable: LDAP_GROUP_BASE_DN
label: "LDAP Group Base DN"
schema:
type: string
default: ""
- variable: LDAP_GROUP_SEARCH_FILTER
label: "LDAP Group Search Filter (Leave blank for default)"
schema:
type: string
default: ""
- variable: LDAP_MEMBER_ATTRIBUTE_TYPE
label: "LDAP Encryption Method"
schema:
type: string
default: ""
enum:
- value: ""
description: "Default"
- value: "dn"
description: "dn"
- value: "uid"
description: "uid"
- variable: LDAP_GROUP_NAME_ATTRIBUTE
label: "LDAP Group Name Attribute (Leave blank for default)"
schema:
type: string
default: ""
- variable: LDAP_DEREFERENCE_ALIASES
label: "LDAP Dereference Aliases"
schema:
type: string
default: ""
enum:
- value: ""
description: "Default"
- value: "never"
description: "never"
- value: "searching"
description: "searching"
- value: "finding"
description: "finding"
- value: "always"
description: "always"
- variable: LDAP_FOLLOW_REFERRALS
label: "LDAP Follow Referrals"
schema:
type: boolean
default: false
- variable: LDAP_MAX_REFERRAL_HOPS
label: "LDAP Max Referrals Hops (Leave blank for default)"
schema:
type: string
default: ""
- variable: LDAP_OPERATION_TIMEOUT
label: "LDAP Operation Timeout (Leave blank for default)"
schema:
type: string
default: ""
- variable: saml
group: "App Configuration"
label: "SAML Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: saml_enabled
label: "Enable SAML"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: SAML_IDP_METADATA_URL
label: "SAML IDP Metadata URL"
schema:
type: string
default: ""
- variable: SAML_IDP_URL
label: "SAML IDP URL"
schema:
type: string
default: ""
- variable: SAML_ENTITY_ID
label: "SAML Entity ID"
schema:
type: string
default: ""
- variable: SAML_CALLBACK_URL
label: "SAML Callback URL"
schema:
type: string
default: ""
- variable: SAML_STRICT
label: "SAML Strict"
schema:
type: boolean
default: true
- variable: SAML_DEBUG
label: "SAML Debug"
schema:
type: boolean
default: false
- variable: SAML_COMPRESS_REQUEST
label: "SAML Compress Request"
schema:
type: boolean
default: true
- variable: SAML_COMPRESS_RESPONSE
label: "SAML Compress Response"
schema:
type: boolean
default: true
- variable: SAML_GROUP_ATTRIBUTE
label: "SAML Group Attribute (Leave empty for default)"
schema:
type: string
default: ""
- variable: proxy
group: "App Configuration"
label: "Proxy Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: REMOTE_IP_VALVE_ENABLED
label: "Enable Proxy"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: PROXY_BY_HEADER
label: "Proxy by Header (Leave empty for default)"
schema:
type: string
default: ""
- variable: PROXY_PROTOCOL_HEADER
label: "Proxy Protocol Header (Leave empty for default)"
schema:
type: string
default: ""
- variable: PROXY_IP_HEADER
label: "Proxy IP Header (Leave empty for default)"
schema:
type: string
default: ""
- variable: PROXY_ALLOWED_IPS_REGEX
label: "Proxy Allowed IP Regex (Leave empty for default)"
schema:
type: string
default: ""
- variable: TZ
label: Timezone
group: "General Settings"
schema:
type: string
default: "Etc/UTC"
$ref:
- "definitions/timezone"
- variable: envList
label: Extra Environment Variables
description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
group: "General Settings"
schema:
type: list
default: []
items:
- variable: envItem
label: Environment Variable
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
- variable: value
label: Value
schema:
type: string
- variable: service
group: Networking and Services
label: Configure Service(s)
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Service"
description: "The Primary service on which the healthcheck runs, often the webUI"
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable the Service
schema:
type: boolean
default: true
hidden: true
- variable: type
label: Service Type
description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
schema:
type: string
default: LoadBalancer
enum:
- value: LoadBalancer
description: LoadBalancer (Expose Ports)
- value: ClusterIP
description: ClusterIP (Do Not Expose Ports)
- value: Simple
description: Deprecated CHANGE THIS
- variable: loadBalancerIP
label: LoadBalancer IP
description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
schema:
show_if: [["type", "=", "LoadBalancer"]]
type: string
default: ""
- variable: ports
label: "Service's Port(s) Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Service Port Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: "Port"
description: "This port exposes the container port on the service"
schema:
type: int
default: 9998
required: true
- variable: serviceexpert
group: Networking and Services
label: Show Expert Config
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: hostNetwork
group: Networking and Services
label: Host-Networking (Complicated)
schema:
type: boolean
default: false
- variable: externalInterfaces
description: Add External Interfaces
label: Add external Interfaces
group: Networking
schema:
type: list
items:
- variable: interfaceConfiguration
description: Interface Configuration
label: Interface Configuration
schema:
type: dict
$ref:
- "normalize/interfaceConfiguration"
attrs:
- variable: hostInterface
description: Please Specify Host Interface
label: Host Interface
schema:
type: string
required: true
$ref:
- "definitions/interface"
- variable: ipam
description: Define how IP Address will be managed
label: IP Address Management
schema:
type: dict
required: true
attrs:
- variable: type
description: Specify type for IPAM
label: IPAM Type
schema:
type: string
required: true
enum:
- value: dhcp
description: Use DHCP
- value: static
description: Use Static IP
show_subquestions_if: static
subquestions:
- variable: staticIPConfigurations
label: Static IP Addresses
schema:
type: list
items:
- variable: staticIP
label: Static IP
schema:
type: ipaddr
cidr: true
- variable: staticRoutes
label: Static Routes
schema:
type: list
items:
- variable: staticRouteConfiguration
label: Static Route Configuration
schema:
additional_attrs: true
type: dict
attrs:
- variable: destination
label: Destination
schema:
type: ipaddr
cidr: true
required: true
- variable: gateway
label: Gateway
schema:
type: ipaddr
cidr: false
required: true
- variable: serviceList
label: Add Manual Custom Services
group: Networking and Services
schema:
type: list
default: []
items:
- variable: serviceListEntry
label: Custom Service
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable the service
schema:
type: boolean
default: true
hidden: true
- variable: name
label: Name
schema:
type: string
default: ""
- variable: type
label: Service Type
description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
schema:
type: string
default: LoadBalancer
enum:
- value: LoadBalancer
description: LoadBalancer (Expose Ports)
- value: ClusterIP
description: ClusterIP (Do Not Expose Ports)
- value: Simple
description: Deprecated CHANGE THIS
- variable: loadBalancerIP
label: LoadBalancer IP
description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
schema:
show_if: [["type", "=", "LoadBalancer"]]
type: string
default: ""
- variable: advancedsvcset
label: Show Advanced Service Settings
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: externalIPs
label: "External IP's"
description: "External IP's"
schema:
type: list
default: []
items:
- variable: externalIP
label: External IP
schema:
type: string
- variable: ipFamilyPolicy
label: IP Family Policy
description: Specify the IP Policy
schema:
type: string
default: SingleStack
enum:
- value: SingleStack
description: SingleStack
- value: PreferDualStack
description: PreferDualStack
- value: RequireDualStack
description: RequireDualStack
- variable: ipFamilies
label: IP Families
description: (Advanced) The IP Families that should be used
schema:
type: list
default: []
items:
- variable: ipFamily
label: IP Family
schema:
type: string
- variable: portsList
label: Additional Service Ports
schema:
type: list
default: []
items:
- variable: portsListEntry
label: Custom ports
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable the Port
schema:
type: boolean
default: true
hidden: true
- variable: name
label: Port Name
schema:
type: string
default: ""
- variable: protocol
label: Port Type
schema:
type: string
default: TCP
enum:
- value: HTTP
description: HTTP
- value: HTTPS
description: HTTPS
- value: TCP
description: TCP
- value: UDP
description: UDP
- variable: targetPort
label: Target Port
description: This port exposes the container port on the service
schema:
type: int
required: true
- variable: port
label: Container Port
schema:
type: int
required: true
- variable: persistenceList
label: Additional App Storage
group: Storage and Persistence
schema:
type: list
default: []
items:
- variable: persistenceListEntry
label: Custom Storage
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable the storage
schema:
type: boolean
default: true
hidden: true
- variable: type
label: Type of Storage
description: Sets the persistence type, Anything other than PVC could break rollback!
schema:
type: string
default: hostPath
enum:
- value: pvc
description: PVC
- value: hostPath
description: Host Path
- value: emptyDir
description: emptyDir
- value: nfs
description: NFS Share
- variable: server
label: NFS Server
schema:
show_if: [["type", "=", "nfs"]]
type: string
default: ""
- variable: path
label: Path on NFS Server
schema:
show_if: [["type", "=", "nfs"]]
type: string
default: ""
- variable: setPermissions
label: Automatic Permissions
description: Automatically set permissions on install
schema:
show_if: [["type", "=", "hostPath"]]
type: boolean
default: false
- variable: readOnly
label: Read Only
schema:
type: boolean
default: false
- variable: hostPath
label: Host Path
description: Path inside the container the storage is mounted
schema:
show_if: [["type", "=", "hostPath"]]
type: hostpath
- variable: mountPath
label: Mount Path
description: Path inside the container the storage is mounted
schema:
type: string
default: ""
required: true
valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- variable: medium
label: EmptyDir Medium
schema:
show_if: [["type", "=", "emptyDir"]]
type: string
default: ""
enum:
- value: ""
description: Default
- value: Memory
description: Memory
- variable: size
label: Size Quotum of Storage
schema:
show_if: [["type", "=", "pvc"]]
type: string
default: 256Gi
- variable: ingress
label: ""
group: Ingress
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Ingress"
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable Ingress
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: hosts
label: Hosts
schema:
type: list
default: []
items:
- variable: hostEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: host
label: HostName
schema:
type: string
default: ""
required: true
- variable: paths
label: Paths
schema:
type: list
default: []
items:
- variable: pathEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: path
label: Path
schema:
type: string
required: true
default: "/"
- variable: pathType
label: Path Type
schema:
type: string
required: true
default: Prefix
- variable: tls
label: TLS-Settings
schema:
type: list
default: []
items:
- variable: tlsEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: hosts
label: Certificate Hosts
schema:
type: list
default: []
items:
- variable: host
label: Host
schema:
type: string
default: ""
required: true
- variable: scaleCert
label: Select TrueNAS SCALE Certificate
schema:
type: int
$ref:
- "definitions/certificate"
- variable: entrypoint
label: (Advanced) Traefik Entrypoint
description: Entrypoint used by Traefik when using Traefik as Ingress Provider
schema:
type: string
default: websecure
required: true
- variable: ingressClassName
label: (Advanced/Optional) IngressClass Name
schema:
type: string
default: ""
- variable: middlewares
label: Traefik Middlewares
description: Add previously created Traefik Middlewares to this Ingress
schema:
type: list
default: []
items:
- variable: name
label: Name
schema:
type: string
default: ""
required: true
- variable: ingressList
label: Add Manual Custom Ingresses
group: Ingress
schema:
type: list
default: []
items:
- variable: ingressListEntry
label: Custom Ingress
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable Ingress
schema:
type: boolean
default: true
hidden: true
- variable: name
label: Name
schema:
type: string
default: ""
- variable: ingressClassName
label: IngressClass Name
schema:
type: string
default: ""
- variable: hosts
label: Hosts
schema:
type: list
default: []
items:
- variable: hostEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: host
label: HostName
schema:
type: string
default: ""
required: true
- variable: paths
label: Paths
schema:
type: list
default: []
items:
- variable: pathEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: path
label: Path
schema:
type: string
required: true
default: "/"
- variable: pathType
label: Path Type
schema:
type: string
required: true
default: Prefix
- variable: service
label: Linked Service
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Service Name
schema:
type: string
default: ""
- variable: port
label: Service Port
schema:
type: int
- variable: tls
label: TLS-Settings
schema:
type: list
default: []
items:
- variable: tlsEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: hosts
label: Certificate Hosts
schema:
type: list
default: []
items:
- variable: host
label: Host
schema:
type: string
default: ""
required: true
- variable: scaleCert
label: Select TrueNAS SCALE Certificate
schema:
type: int
$ref:
- "definitions/certificate"
- variable: entrypoint
label: Traefik Entrypoint
description: Entrypoint used by Traefik when using Traefik as Ingress Provider
schema:
type: string
default: websecure
required: true
- variable: middlewares
label: Traefik Middlewares
description: Add previously created Traefik Middlewares to this Ingress
schema:
type: list
default: []
items:
- variable: name
label: Name
schema:
type: string
default: ""
required: true
- variable: security
label: Container Security Settings
group: Security and Permissions
schema:
type: dict
additional_attrs: true
attrs:
- variable: editsecurity
label: Change PUID / UMASK values
description: By enabling this you override default set values.
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: PUID
label: Process User ID - PUID
description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
schema:
type: int
default: 568
- variable: UMASK
label: UMASK
description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
schema:
type: string
default: "002"
- variable: advancedSecurity
label: Show Advanced Security Settings
group: Security and Permissions
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: securityContext
label: Security Context
schema:
additional_attrs: true
type: dict
attrs:
- variable: privileged
label: "Privileged mode"
schema:
type: boolean
default: false
- variable: readOnlyRootFilesystem
label: "ReadOnly Root Filesystem"
schema:
type: boolean
default: false
- variable: allowPrivilegeEscalation
label: "Allow Privilege Escalation"
schema:
type: boolean
default: false
- variable: runAsNonRoot
label: "runAsNonRoot"
schema:
type: boolean
default: true
- variable: podSecurityContext
group: Security and Permissions
label: Pod Security Context
schema:
additional_attrs: true
type: dict
attrs:
- variable: runAsUser
label: "runAsUser"
description: "The UserID of the user running the application"
schema:
type: int
default: 1001
- variable: runAsGroup
label: "runAsGroup"
description: "The groupID this App of the user running the application"
schema:
type: int
default: 1001
- variable: fsGroup
label: "fsGroup"
description: "The group that should own ALL storage"
schema:
type: int
default: 568
- variable: fsGroupChangePolicy
label: "When should we take ownership?"
schema:
type: string
default: OnRootMismatch
enum:
- value: OnRootMismatch
description: OnRootMismatch
- value: Always
description: Always
- variable: supplementalGroups
label: Supplemental Groups
schema:
type: list
default: []
items:
- variable: supplementalGroupsEntry
label: Supplemental Group
schema:
type: int
- variable: resources
group: Resources and Devices
label: "Resource Limits"
schema:
additional_attrs: true
type: dict
attrs:
- variable: limits
label: Advanced Limit Resource Consumption
schema:
additional_attrs: true
type: dict
attrs:
- variable: cpu
label: CPU
description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
schema:
type: string
default: 4000m
valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- variable: memory
label: RAM
description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
schema:
type: string
default: 8Gi
valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- variable: requests
label: "Minimum Resources Required (request)"
schema:
additional_attrs: true
type: dict
hidden: true
attrs:
- variable: cpu
label: CPU
description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
schema:
type: string
default: 10m
hidden: true
valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- variable: memory
label: "RAM"
description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/docs/manual/SCALE%20Apps/indepth/validation"
schema:
type: string
default: 50Mi
hidden: true
valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- variable: deviceList
label: Mount USB Devices
group: Resources and Devices
schema:
type: list
default: []
items:
- variable: deviceListEntry
label: Device
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable the Storage
schema:
type: boolean
default: true
- variable: type
label: (Advanced) Type of Storage
description: Sets the persistence type
schema:
type: string
default: hostPath
hidden: true
- variable: readOnly
label: readOnly
schema:
type: boolean
default: false
- variable: hostPath
label: Host Device Path
description: Path to the device on the host system
schema:
type: path
- variable: mountPath
label: Container Device Path
description: Path inside the container the device is mounted
schema:
type: string
default: "/dev/ttyACM0"
# Specify GPU configuration
- variable: scaleGPU
label: GPU Configuration
group: Resources and Devices
schema:
type: dict
$ref:
- "definitions/gpuConfiguration"
attrs: []
- variable: horizontalPodAutoscaler
group: Advanced
label: (Advanced) Horizontal Pod Autoscaler
schema:
type: list
default: []
items:
- variable: hpaEntry
label: HPA Entry
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
default: ""
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: target
label: Target
description: Deployment name, Defaults to Main Deployment
schema:
type: string
default: ""
- variable: minReplicas
label: Minimum Replicas
schema:
type: int
default: 1
- variable: maxReplicas
label: Maximum Replicas
schema:
type: int
default: 5
- variable: targetCPUUtilizationPercentage
label: Target CPU Utilization Percentage
schema:
type: int
default: 80
- variable: targetMemoryUtilizationPercentage
label: Target Memory Utilization Percentage
schema:
type: int
default: 80
- variable: networkPolicy
group: Advanced
label: (Advanced) Network Policy
schema:
type: list
default: []
items:
- variable: netPolicyEntry
label: Network Policy Entry
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
default: ""
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: policyType
label: Policy Type
schema:
type: string
default: ""
enum:
- value: ""
description: Default
- value: ingress
description: Ingress
- value: egress
description: Egress
- value: ingress-egress
description: Ingress and Egress
- variable: egress
label: Egress
schema:
type: list
default: []
items:
- variable: egressEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: to
label: To
schema:
type: list
default: []
items:
- variable: toEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: ipBlock
label: IP Block
schema:
additional_attrs: true
type: dict
attrs:
- variable: cidr
label: CIDR
schema:
type: string
default: ""
- variable: except
label: Except
schema:
type: list
default: []
items:
- variable: exceptint
label: ""
schema:
type: string
- variable: namespaceSelector
label: Namespace Selector
schema:
additional_attrs: true
type: dict
attrs:
- variable: matchExpressions
label: Match Expressions
schema:
type: list
default: []
items:
- variable: expressionEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: key
label: Key
schema:
type: string
- variable: operator
label: Operator
schema:
type: string
default: TCP
enum:
- value: In
description: In
- value: NotIn
description: NotIn
- value: Exists
description: Exists
- value: DoesNotExist
description: DoesNotExist
- variable: values
label: Values
schema:
type: list
default: []
items:
- variable: value
label: ""
schema:
type: string
- variable: podSelector
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: matchExpressions
label: Match Expressions
schema:
type: list
default: []
items:
- variable: expressionEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: key
label: Key
schema:
type: string
- variable: operator
label: Operator
schema:
type: string
default: TCP
enum:
- value: In
description: In
- value: NotIn
description: NotIn
- value: Exists
description: Exists
- value: DoesNotExist
description: DoesNotExist
- variable: values
label: Values
schema:
type: list
default: []
items:
- variable: value
label: ""
schema:
type: string
- variable: ports
label: Ports
schema:
type: list
default: []
items:
- variable: portsEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: Port
schema:
type: int
- variable: endPort
label: End Port
schema:
type: int
- variable: protocol
label: Protocol
schema:
type: string
default: TCP
enum:
- value: TCP
description: TCP
- value: UDP
description: UDP
- value: SCTP
description: SCTP
- variable: ingress
label: Ingress
schema:
type: list
default: []
items:
- variable: ingressEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: from
label: From
schema:
type: list
default: []
items:
- variable: fromEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: ipBlock
label: IP Block
schema:
additional_attrs: true
type: dict
attrs:
- variable: cidr
label: CIDR
schema:
type: string
default: ""
- variable: except
label: Except
schema:
type: list
default: []
items:
- variable: exceptint
label: ""
schema:
type: string
- variable: namespaceSelector
label: Namespace Selector
schema:
additional_attrs: true
type: dict
attrs:
- variable: matchExpressions
label: Match Expressions
schema:
type: list
default: []
items:
- variable: expressionEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: key
label: Key
schema:
type: string
- variable: operator
label: Operator
schema:
type: string
default: TCP
enum:
- value: In
description: In
- value: NotIn
description: NotIn
- value: Exists
description: Exists
- value: DoesNotExist
description: DoesNotExist
- variable: values
label: Values
schema:
type: list
default: []
items:
- variable: value
label: ""
schema:
type: string
- variable: podSelector
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: matchExpressions
label: Match Expressions
schema:
type: list
default: []
items:
- variable: expressionEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: key
label: Key
schema:
type: string
- variable: operator
label: Operator
schema:
type: string
default: TCP
enum:
- value: In
description: In
- value: NotIn
description: NotIn
- value: Exists
description: Exists
- value: DoesNotExist
description: DoesNotExist
- variable: values
label: Values
schema:
type: list
default: []
items:
- variable: value
label: ""
schema:
type: string
- variable: ports
label: Ports
schema:
type: list
default: []
items:
- variable: portsEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: Port
schema:
type: int
- variable: endPort
label: End Port
schema:
type: int
- variable: protocol
label: Protocol
schema:
type: string
default: TCP
enum:
- value: TCP
description: TCP
- value: UDP
description: UDP
- value: SCTP
description: SCTP
- variable: addons
group: Addons
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: codeserver
label: Codeserver
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: git
label: Git Settings
schema:
additional_attrs: true
type: dict
attrs:
- variable: deployKey
description: Raw SSH Private Key
label: Deploy Key
schema:
type: string
- variable: deployKeyBase64
description: Base64-encoded SSH private key. When both variables are set, the raw SSH key takes precedence
label: Deploy Key Base64
schema:
type: string
- variable: service
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: type
label: Service Type
description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
schema:
type: string
default: LoadBalancer
enum:
- value: NodePort
description: Deprecated CHANGE THIS
- value: ClusterIP
description: ClusterIP
- value: LoadBalancer
description: LoadBalancer
- variable: loadBalancerIP
label: LoadBalancer IP
description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
schema:
show_if: [["type", "=", "LoadBalancer"]]
type: string
default: ""
- variable: advancedsvcset
label: Show Advanced Service Settings
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: externalIPs
label: "External IP's"
description: "External IP's"
schema:
type: list
default: []
items:
- variable: externalIP
label: External IP
schema:
type: string
- variable: ipFamilyPolicy
label: IP Family Policy
description: Specify the IP Policy
schema:
type: string
default: SingleStack
enum:
- value: SingleStack
description: SingleStack
- value: PreferDualStack
description: PreferDualStack
- value: RequireDualStack
description: RequireDualStack
- variable: ipFamilies
label: IP Families
description: (Advanced) The IP Families that should be used
schema:
type: list
default: []
items:
- variable: ipFamily
label: IP Family
schema:
type: string
- variable: ports
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: codeserver
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: Port
schema:
type: int
default: 36107
- variable: nodePort
description: Leave Empty to Disable
label: nodePort DEPRECATED
schema:
type: int
default: 36107
- variable: envList
label: Codeserver Environment Variables
schema:
type: list
show_if: [["type", "!=", "disabled"]]
default: []
items:
- variable: envItem
label: Environment Variable
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: value
label: Value
schema:
type: string
required: true
- variable: vpn
label: VPN
schema:
additional_attrs: true
type: dict
attrs:
- variable: type
label: Type
schema:
type: string
default: disabled
enum:
- value: disabled
description: disabled
- value: openvpn
description: OpenVPN
- value: wireguard
description: Wireguard
- value: tailscale
description: Tailscale
- variable: openvpn
label: OpenVPN Settings
schema:
type: dict
show_if: [["type", "=", "openvpn"]]
attrs:
- variable: username
label: Authentication Username (Optional)
description: Authentication Username, Optional
schema:
type: string
default: ""
- variable: password
label: Authentication Password
description: Authentication Credentials
schema:
type: string
default: ""
required: true
- variable: tailscale
label: Tailscale Settings
schema:
type: dict
show_if: [["type", "=", "tailscale"]]
attrs:
- variable: authkey
label: Authentication Key
description: Provide an auth key to automatically authenticate the node as your user account.
schema:
type: string
private: true
default: ""
- variable: auth_once
label: Auth Once
description: Only attempt to log in if not already logged in.
schema:
type: boolean
default: true
- variable: accept_dns
label: Accept DNS
description: Accept DNS configuration from the admin console.
schema:
type: boolean
default: false
- variable: userspace
label: Userspace
description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
schema:
type: boolean
default: false
- variable: routes
label: Routes
description: Expose physical subnet routes to your entire Tailscale network.
schema:
type: string
default: ""
- variable: dest_ip
label: Destination IP
description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
schema:
type: string
default: ""
- variable: sock5_server
label: Sock5 Server
description: The address on which to listen for SOCKS5 proxying into the tailscale net.
schema:
type: string
default: ""
- variable: outbound_http_proxy_listen
label: Outbound HTTP Proxy Listen
description: The address on which to listen for HTTP proxying into the tailscale net.
schema:
type: string
default: ""
- variable: extra_args
label: Extra Args
description: Extra Args
schema:
type: string
default: ""
- variable: daemon_extra_args
label: Tailscale Daemon Extra Args
description: Tailscale Daemon Extra Args
schema:
type: string
default: ""
- variable: killSwitch
label: Enable Killswitch
schema:
type: boolean
show_if: [["type", "!=", "disabled"]]
default: true
- variable: excludedNetworks_IPv4
label: Killswitch Excluded IPv4 networks
description: List of Killswitch Excluded IPv4 Addresses
schema:
type: list
show_if: [["type", "!=", "disabled"]]
default: []
items:
- variable: networkv4
label: IPv4 Network
schema:
type: string
required: true
- variable: excludedNetworks_IPv6
label: Killswitch Excluded IPv6 networks
description: "List of Killswitch Excluded IPv6 Addresses"
schema:
type: list
show_if: [["type", "!=", "disabled"]]
default: []
items:
- variable: networkv6
label: IPv6 Network
schema:
type: string
required: true
- variable: configFile
label: VPN Config File Location
schema:
type: dict
show_if: [["type", "!=", "disabled"]]
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: true
hidden: true
- variable: type
label: Type
schema:
type: string
default: hostPath
hidden: true
- variable: hostPathType
label: hostPathType
schema:
type: string
default: File
hidden: true
- variable: noMount
label: noMount
schema:
type: boolean
default: true
hidden: true
- variable: hostPath
label: Full Path to File
description: "Path to your local VPN config file for example: /mnt/tank/vpn.conf or /mnt/tank/vpn.ovpn"
schema:
type: string
default: ""
- variable: envList
label: VPN Environment Variables
schema:
type: list
show_if: [["type", "!=", "disabled"]]
default: []
items:
- variable: envItem
label: Environment Variable
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: value
label: Value
schema:
type: string
required: true
- variable: docs
group: Documentation
label: Please read the documentation at https://truecharts.org
description: Please read the documentation at
https://truecharts.org
schema:
additional_attrs: true
type: dict
attrs:
- variable: confirmDocs
label: I have checked the documentation
schema:
type: boolean
default: true
- variable: donateNag
group: Documentation
label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
description: Please consider supporting TrueCharts, see
https://truecharts.org/sponsor
schema:
additional_attrs: true
type: dict
attrs:
- variable: confirmDonate
label: I have considered donating
schema:
type: boolean
default: true
hidden: true