TrueChartsCatalogClone/enterprise/authelia/19.0.10/questions.yaml

3085 lines
132 KiB
YAML

groups:
- name: Container Image
description: Image to be used for container
- name: General Settings
description: General Deployment Settings
- name: Workload Settings
description: Workload Settings
- name: App Configuration
description: App Specific Config Options
- name: Networking and Services
description: Configure Network and Services for Container
- name: Storage and Persistence
description: Persist and Share Data that is Separate from the Container
- name: Ingress
description: Ingress Configuration
- name: Security and Permissions
description: Configure Security Context and Permissions
- name: Resources and Devices
description: "Specify Resources/Devices to be Allocated to Workload"
- name: Middlewares
description: Traefik Middlewares
- name: Metrics
description: Metrics
- name: Addons
description: Addon Configuration
- name: Advanced
description: Advanced Configuration
- name: Postgresql
description: Postgresql
- name: Documentation
description: Documentation
portals:
open:
protocols:
- "$kubernetes-resource_configmap_tcportal-open_protocol"
host:
- "$kubernetes-resource_configmap_tcportal-open_host"
ports:
- "$kubernetes-resource_configmap_tcportal-open_port"
questions:
- variable: global
group: General Settings
label: "Global Settings"
schema:
additional_attrs: true
type: dict
attrs:
- variable: stopAll
label: Stop All
description: "Stops All Running pods and hibernates cnpg"
schema:
type: boolean
default: false
- variable: workload
group: "Workload Settings"
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: type
label: Type (Advanced)
schema:
type: string
default: Deployment
enum:
- value: Deployment
description: Deployment
- value: DaemonSet
description: DaemonSet
- variable: replicas
label: Replicas (Advanced)
description: Set the number of Replicas
schema:
type: int
show_if: [["type", "!=", "DaemonSet"]]
default: 2
- variable: podSpec
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: containers
label: Containers
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: Main Container
schema:
additional_attrs: true
type: dict
attrs:
- variable: envList
label: Extra Environment Variables
description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
schema:
type: list
default: []
items:
- variable: envItem
label: Environment Variable
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
- variable: value
label: Value
schema:
type: string
- variable: extraArgs
label: Extra Args
schema:
type: list
default: []
items:
- variable: arg
label: Arg
schema:
type: string
- variable: advanced
label: Show Advanced Settings
description: Advanced settings are not covered by TrueCharts Support
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: command
label: Command
schema:
type: list
default: []
items:
- variable: param
label: Param
schema:
type: string
- variable: TZ
label: Timezone
group: "General Settings"
schema:
type: string
default: "Etc/UTC"
$ref:
- "definitions/timezone"
- variable: podOptions
group: "General Settings"
label: "Global Pod Options (Advanced)"
schema:
additional_attrs: true
type: dict
attrs:
- variable: expertPodOpts
label: "Expert - Pod Options"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: hostNetwork
label: "Host Networking"
schema:
type: boolean
default: false
- variable: dnsConfig
label: "DNS Configuration"
schema:
type: dict
additional_attrs: true
attrs:
- variable: options
label: "Options"
schema:
type: list
default: [{"name": "ndots", "value": "1"}]
items:
- variable: optionsEntry
label: "Option Entry"
schema:
type: dict
additional_attrs: true
attrs:
- variable: name
label: "Name"
schema:
type: string
required: true
- variable: value
label: "Value"
schema:
type: string
- variable: nameservers
label: "Nameservers"
schema:
type: list
default: []
items:
- variable: nsEntry
label: "Nameserver Entry"
schema:
type: string
required: true
- variable: searches
label: "Searches"
schema:
type: list
default: []
items:
- variable: searchEntry
label: "Search Entry"
schema:
type: string
required: true
- variable: domain
group: "App Configuration"
label: "Domain"
description: "The highest domain level possible, for example: domain.com when using app.domain.com"
schema:
type: string
default: ""
required: true
- variable: default_redirection_url
group: "App Configuration"
label: "Default Redirection URL"
description: "If user tries to authenticate without any referrer, this is used"
schema:
type: string
default: ""
valid_chars: '^https?:\/\/(.*)'
- variable: theme
group: "App Configuration"
label: "Theme"
schema:
type: string
default: "auto"
enum:
- value: "auto"
description: "auto"
- value: "light"
description: "light"
- value: "grey"
description: "grey"
- value: "dark"
description: "dark"
- variable: log
group: "App Configuration"
label: "Log Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: level
label: "Log Level"
schema:
type: string
default: "info"
enum:
- value: "info"
description: "info"
- value: "debug"
description: "debug"
- value: "trace"
description: "trace"
- variable: format
label: "Log Format"
schema:
type: string
default: "text"
enum:
- value: "json"
description: "json"
- value: "text"
description: "text"
- variable: totp
group: "App Configuration"
label: "TOTP Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: issuer
label: "Issuer"
description: "The issuer name displayed in the Authenticator application of your choice"
schema:
type: string
default: ""
- variable: period
label: "Period"
description: "The period in seconds a one-time password is current for"
schema:
type: int
default: 30
- variable: skew
label: "skew"
description: "Controls number of one-time passwords either side of the current one that are valid."
schema:
type: int
default: 1
- variable: password_policy
group: "App Configuration"
label: "Password Policy Configuration"
description: "Authelia allows administrators to configure an enforced password policy."
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: "Enable"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: standard
label: Standard
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
- variable: min_length
label: "Minimum Password Length"
description: "Minimum Password Length"
schema:
type: int
required: true
show_if: [["enabled", "=", true]]
default: 8
- variable: max_length
label: "Max Passsword Length"
description: "Max Password Length"
schema:
type: int
required: true
show_if: [["enabled", "=", true]]
default: 0
- variable: require_uppercase
label: "Require Upppercase"
schema:
type: boolean
default: false
show_if: [["enabled", "=", true]]
required: true
- variable: require_lowercase
label: "Require Lowercase"
schema:
type: boolean
default: false
show_if: [["enabled", "=", true]]
required: true
- variable: require_number
label: "Require Numbers"
description: "Require Numbers in the password"
schema:
type: boolean
default: false
show_if: [["enabled", "=", true]]
required: true
- variable: require_special
label: "Require Special Characters"
schema:
type: boolean
default: false
show_if: [["enabled", "=", true]]
- variable: zxcvbn
label: zxcvbn
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
required: true
- variable: min_score
label: "Min Score"
schema:
type: int
required: true
show_if: [["enabled", "=", true]]
default: 3
- variable: duo_api
group: "App Configuration"
label: "DUO API Configuration"
description: "Parameters used to contact the Duo API."
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: "Enable"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: hostname
label: "Hostname"
schema:
type: string
required: true
default: ""
- variable: integration_key
label: "integration_key"
schema:
type: string
default: ""
required: true
- variable: plain_api_key
label: "plain_api_key"
schema:
type: string
default: ""
required: true
- variable: session
group: "App Configuration"
label: "Session Provider"
description: "The session cookies identify the user once logged in."
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: "Cookie Name"
description: "The name of the session cookie."
schema:
type: string
required: true
default: "authelia_session"
- variable: same_site
label: "SameSite Value"
description: "Sets the Cookie SameSite value"
schema:
type: string
default: "lax"
enum:
- value: "lax"
description: "lax"
- value: "strict"
description: "strict"
- variable: expiration
label: "Expiration Time"
description: "The time in seconds before the cookie expires and session is reset."
schema:
type: string
default: "1h"
required: true
- variable: inactivity
label: "Inactivity Time"
description: "The inactivity time in seconds before the session is reset."
schema:
type: string
default: "5m"
required: true
- variable: remember_me_duration
label: "Remember-Me duration"
description: "The remember me duration"
schema:
type: string
default: "5M"
required: true
- variable: regulation
group: "App Configuration"
label: "Regulation Configuration"
description: "This mechanism prevents attackers from brute forcing the first factor."
schema:
additional_attrs: true
type: dict
attrs:
- variable: max_retries
label: "Maximum Retries"
description: "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
schema:
type: int
default: 3
- variable: find_time
label: "Find Time"
description: "The time range during which the user can attempt login before being banned."
schema:
type: string
default: "2m"
required: true
- variable: ban_time
label: "Ban Duration"
description: "The length of time before a banned user can login again"
schema:
type: string
default: "5m"
required: true
- variable: authentication_backend
group: "App Configuration"
label: "Authentication Backend Provider"
description: "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
schema:
additional_attrs: true
type: dict
attrs:
- variable: disable_reset_password
label: "Disable Reset Password"
description: "Disable both the HTML element and the API for reset password functionality"
schema:
type: boolean
default: false
- variable: refresh_interval
label: "Reset Interval"
description: "The amount of time to wait before we refresh data from the authentication backend"
schema:
type: string
default: "5m"
required: true
- variable: ldap
label: "LDAP backend configuration"
description: "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: "Enable"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: implementation
label: "Implementation"
description: "The LDAP implementation, this affects elements like the attribute utilized for resetting a password"
schema:
type: string
default: "custom"
enum:
- value: "activedirectory"
description: "Active Directory"
- value: "custom"
description: "Custom"
- variable: url
label: "URL"
description: "The url to the ldap server. Format: <scheme>://<address>[:<port>]"
schema:
type: string
default: "ldap://openldap.default.svc.cluster.local"
required: true
- variable: timeout
label: "Connection Timeout"
schema:
type: string
default: "5s"
required: true
- variable: start_tls
label: "Start TLS"
description: "Use StartTLS with the LDAP connection"
schema:
type: boolean
default: false
- variable: tls
label: "TLS Settings"
schema:
additional_attrs: true
type: dict
attrs:
- variable: server_name
label: "Server Name"
description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
schema:
type: string
default: ""
- variable: skip_verify
label: "Skip Certificate Verification"
description: "Skip verifying the server certificate (to allow a self-signed certificate)"
schema:
type: boolean
default: false
- variable: minimum_version
label: "Minimum TLS version"
description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
schema:
type: string
default: "TLS1.2"
enum:
- value: "TLS1.0"
description: "TLS1.0"
- value: "TLS1.1"
description: "TLS1.1"
- value: "TLS1.2"
description: "TLS1.2"
- value: "TLS1.3"
description: "TLS1.3"
- variable: base_dn
label: "Base DN"
description: "The base dn for every LDAP query."
schema:
type: string
default: "DC=example,DC=com"
required: true
- variable: username_attribute
label: "Username Attribute"
description: "The attribute holding the username of the user"
schema:
type: string
default: ""
required: true
- variable: additional_users_dn
label: "Additional Users DN"
description: "An additional dn to define the scope to all users."
schema:
type: string
default: "OU=Users"
required: true
- variable: users_filter
label: "Users Filter"
description: "The groups filter used in search queries to find the groups of the user."
schema:
type: string
default: ""
required: true
- variable: additional_groups_dn
label: "Additional Groups DN"
description: "An additional dn to define the scope of groups."
schema:
type: string
default: "OU=Groups"
required: true
- variable: groups_filter
label: "Groups Filter"
description: "The groups filter used in search queries to find the groups of the user."
schema:
type: string
default: ""
required: true
- variable: group_name_attribute
label: "Group name Attribute"
description: "The attribute holding the name of the group"
schema:
type: string
default: ""
required: true
- variable: mail_attribute
label: "Mail Attribute"
description: "The attribute holding the primary mail address of the user"
schema:
type: string
default: ""
required: true
- variable: display_name_attribute
label: "Display Name Attribute"
description: "he attribute holding the display name of the user. This will be used to greet an authenticated user."
schema:
type: string
default: ""
- variable: user
label: "Admin User"
description: "The username of the admin user used to connect to LDAP."
schema:
type: string
default: "CN=Authelia,DC=example,DC=com"
required: true
- variable: plain_password
label: "Password"
schema:
type: string
default: ""
required: true
- variable: file
label: "File backend configuration"
description: "With this backend, the users database is stored in a file which is updated when users reset their passwords."
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: "Enable"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: path
label: "Path"
schema:
type: string
default: "/config/users_database.yml"
required: true
- variable: password
label: "Password Settings"
schema:
additional_attrs: true
type: dict
attrs:
- variable: algorithm
label: "Algorithm"
schema:
type: string
default: "argon2id"
enum:
- value: "argon2id"
description: "argon2id"
- value: "sha512"
description: "sha512"
- variable: iterations
label: "Iterations"
schema:
type: int
default: 1
required: true
- variable: key_length
label: "Key Length"
schema:
type: int
default: 32
required: true
- variable: salt_length
label: "Salt Length"
schema:
type: int
default: 16
required: true
- variable: memory
label: "Memory"
schema:
type: int
default: 1024
required: true
- variable: parallelism
label: "Parallelism"
schema:
type: int
default: 8
required: true
- variable: notifier
group: "App Configuration"
label: "Notifier Configuration"
description: "Notifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
schema:
additional_attrs: true
type: dict
attrs:
- variable: disable_startup_check
label: "Disable Startup Check"
schema:
type: boolean
default: false
- variable: filesystem
label: "Filesystem Provider"
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: "Enable"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: filename
label: "File Path"
schema:
type: string
default: "/config/notification.txt"
required: true
- variable: smtp
label: "SMTP Provider"
description: "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: "Enable"
schema:
type: boolean
default: true
show_subquestions_if: true
subquestions:
- variable: host
label: "Host"
schema:
type: string
default: "smtp.mail.svc.cluster.local"
required: true
- variable: port
label: "Port"
schema:
type: int
default: 25
required: true
- variable: timeout
label: "Timeout"
schema:
type: string
default: "5s"
required: true
- variable: username
label: "Username"
schema:
type: string
default: ""
- variable: plain_password
label: "Password"
schema:
type: string
default: ""
- variable: sender
label: "Sender"
schema:
type: string
default: ""
required: true
- variable: identifier
label: "Identifier"
description: "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
schema:
type: string
default: "localhost"
required: true
- variable: subject
label: "Subject"
description: "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
schema:
type: string
default: "[Authelia] {title}"
required: true
- variable: startup_check_address
label: "Startup Check Address"
description: "This address is used during the startup check to verify the email configuration is correct."
schema:
type: string
default: "test@authelia.com"
required: true
- variable: disable_require_tls
label: "Disable Require TLS"
schema:
type: boolean
default: false
- variable: disable_html_emails
label: "Disable HTML emails"
schema:
type: boolean
default: false
- variable: tls
label: "TLS Settings"
schema:
additional_attrs: true
type: dict
attrs:
- variable: server_name
label: "Server Name"
description: "Server Name for certificate validation (in case it's not set correctly in the URL)."
schema:
type: string
default: ""
- variable: skip_verify
label: "Skip Certificate Verification"
description: "Skip verifying the server certificate (to allow a self-signed certificate)"
schema:
type: boolean
default: false
- variable: minimum_version
label: "Minimum TLS version"
description: "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
schema:
type: string
default: "TLS1.2"
enum:
- value: "TLS1.0"
description: "TLS1.0"
- value: "TLS1.1"
description: "TLS1.1"
- value: "TLS1.2"
description: "TLS1.2"
- value: "TLS1.3"
description: "TLS1.3"
- variable: access_control
group: "App Configuration"
label: "Access Control Configuration"
description: "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
schema:
additional_attrs: true
type: dict
attrs:
- variable: default_policy
label: "Default Policy"
description: "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
schema:
type: string
default: "two_factor"
enum:
- value: "bypass"
description: "bypass"
- value: "one_factor"
description: "one_factor"
- value: "two_factor"
description: "two_factor"
- value: "deny"
description: "deny"
- variable: networks
label: "Networks"
schema:
type: list
default: []
items:
- variable: networkItem
label: "Network Item"
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: "Name"
schema:
type: string
default: ""
required: true
- variable: networks
label: "Networks"
schema:
type: list
default: []
items:
- variable: network
label: "network"
schema:
type: string
default: ""
required: true
- variable: rules
label: "Rules"
schema:
type: list
default: []
items:
- variable: rulesItem
label: "Rule"
schema:
additional_attrs: true
type: dict
attrs:
- variable: domain
label: "Domains"
description: "defines which domain or set of domains the rule applies to."
schema:
type: list
default: []
items:
- variable: domainEntry
label: "Domain"
schema:
type: string
default: ""
required: true
- variable: policy
label: "Policy"
description: "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
schema:
type: string
default: "two_factor"
enum:
- value: "bypass"
description: "bypass"
- value: "one_factor"
description: "one_factor"
- value: "two_factor"
description: "two_factor"
- value: "deny"
description: "deny"
- variable: subject
label: "Subject"
description: "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
schema:
type: list
default: []
items:
- variable: subjectitem
label: "Subject"
schema:
type: string
default: ""
required: true
- variable: networks
label: "Networks"
schema:
type: list
default: []
items:
- variable: network
label: "Network"
schema:
type: string
default: ""
required: true
- variable: resources
label: "Resources"
description: "is a list of regular expressions that matches a set of resources to apply the policy to"
schema:
type: list
default: []
items:
- variable: resource
label: "Resource"
schema:
type: string
default: ""
required: true
- variable: service
group: Networking and Services
label: Configure Service(s)
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Service"
description: "The Primary service on which the healthcheck runs, often the webUI"
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable the Service
schema:
type: boolean
default: true
hidden: true
- variable: type
label: Service Type
description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
schema:
type: string
default: LoadBalancer
enum:
- value: LoadBalancer
description: LoadBalancer (Expose Ports)
- value: ClusterIP
description: ClusterIP (Do Not Expose Ports)
- variable: loadBalancerIP
label: LoadBalancer IP
description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
schema:
show_if: [["type", "=", "LoadBalancer"]]
type: string
default: ""
- variable: ports
label: "Service's Port(s) Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Service Port Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: "Port"
description: "This port exposes the container port on the service"
schema:
type: int
default: 9091
required: true
- variable: serviceexpert
group: Networking and Services
label: Show Expert Config
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: scaleExternalInterface
description: Add External Interfaces
label: Add external Interfaces
group: Networking
schema:
type: list
items:
- variable: interfaceConfiguration
description: Interface Configuration
label: Interface Configuration
schema:
additional_attrs: true
type: dict
$ref:
- "normalize/interfaceConfiguration"
attrs:
- variable: hostInterface
description: Please Specify Host Interface
label: Host Interface
schema:
type: string
required: true
$ref:
- "definitions/interface"
- variable: ipam
description: Define how IP Address will be managed
label: IP Address Management
schema:
additional_attrs: true
type: dict
required: true
attrs:
- variable: type
description: Specify type for IPAM
label: IPAM Type
schema:
type: string
required: true
enum:
- value: dhcp
description: Use DHCP
- value: static
description: Use Static IP
- variable: staticIPConfigurations
label: Static IP Addresses
schema:
type: list
show_if: [["type", "=", "static"]]
items:
- variable: staticIP
label: Static IP
schema:
type: ipaddr
cidr: true
- variable: staticRoutes
label: Static Routes
schema:
type: list
show_if: [["type", "=", "static"]]
items:
- variable: staticRouteConfiguration
label: Static Route Configuration
schema:
additional_attrs: true
type: dict
attrs:
- variable: destination
label: Destination
schema:
type: ipaddr
cidr: true
required: true
- variable: gateway
label: Gateway
schema:
type: ipaddr
cidr: false
required: true
- variable: serviceList
label: Add Manual Custom Services
group: Networking and Services
schema:
type: list
default: []
items:
- variable: serviceListEntry
label: Custom Service
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable the service
schema:
type: boolean
default: true
hidden: true
- variable: name
label: Name
schema:
type: string
default: ""
- variable: type
label: Service Type
description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
schema:
type: string
default: LoadBalancer
enum:
- value: LoadBalancer
description: LoadBalancer (Expose Ports)
- value: ClusterIP
description: ClusterIP (Do Not Expose Ports)
- value: Simple
description: Deprecated CHANGE THIS
- variable: loadBalancerIP
label: LoadBalancer IP
description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
schema:
show_if: [["type", "=", "LoadBalancer"]]
type: string
default: ""
- variable: advancedsvcset
label: Show Advanced Service Settings
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: externalIPs
label: "External IP's"
description: "External IP's"
schema:
type: list
default: []
items:
- variable: externalIP
label: External IP
schema:
type: string
- variable: ipFamilyPolicy
label: IP Family Policy
description: Specify the IP Policy
schema:
type: string
default: SingleStack
enum:
- value: SingleStack
description: SingleStack
- value: PreferDualStack
description: PreferDualStack
- value: RequireDualStack
description: RequireDualStack
- variable: ipFamilies
label: IP Families
description: (Advanced) The IP Families that should be used
schema:
type: list
default: []
items:
- variable: ipFamily
label: IP Family
schema:
type: string
- variable: portsList
label: Additional Service Ports
schema:
type: list
default: []
items:
- variable: portsListEntry
label: Custom ports
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable the Port
schema:
type: boolean
default: true
hidden: true
- variable: name
label: Port Name
schema:
type: string
default: ""
- variable: protocol
label: Port Type
schema:
type: string
default: tcp
enum:
- value: http
description: HTTP
- value: https
description: HTTPS
- value: tcp
description: TCP
- value: udp
description: UDP
- variable: targetPort
label: Target Port
description: This port exposes the container port on the service
schema:
type: int
required: true
- variable: port
label: Container Port
schema:
type: int
required: true
- variable: persistence
label: Integrated Persistent Storage
description: Integrated Persistent Storage
group: Storage and Persistence
schema:
additional_attrs: true
type: dict
attrs:
- variable: config
label: "App Config Storage"
description: "Stores the Application Configuration."
schema:
additional_attrs: true
type: dict
attrs:
- variable: type
label: Type of Storage
description: Sets the persistence type, Anything other than PVC could break rollback!
schema:
type: string
default: pvc
enum:
- value: pvc
description: PVC
- value: hostPath
description: Host Path
- value: emptyDir
description: emptyDir
- value: nfs
description: NFS Share
- variable: server
label: NFS Server
schema:
show_if: [["type", "=", "nfs"]]
type: string
default: ""
- variable: path
label: Path on NFS Server
schema:
show_if: [["type", "=", "nfs"]]
type: string
default: ""
- variable: autoPermissions
label: Automatic Permissions Configuration
description: Automatically set permissions
schema:
show_if: [["type", "!=", "pvc"]]
type: dict
additional_attrs: true
attrs:
- variable: enabled
label: enabled
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: chown
label: Run CHOWN
description: |
It will run CHOWN on the path with the given fsGroup
schema:
type: boolean
default: false
- variable: chmod
label: Run CHMOD
description: |
It will run CHMOD on the path with the given value</br>
Format should be 3 digits, e.g. 770
schema:
type: string
valid_chars: '[0-9]{3}'
default: ""
- variable: recursive
label: Recursive
description: |
It will run CHOWN and CHMOD recursively
schema:
type: boolean
default: false
- variable: readOnly
label: Read Only
schema:
type: boolean
default: false
- variable: hostPath
label: Host Path
description: Path inside the container the storage is mounted
schema:
show_if: [["type", "=", "hostPath"]]
type: hostpath
- variable: medium
label: EmptyDir Medium
schema:
show_if: [["type", "=", "emptyDir"]]
type: string
default: ""
enum:
- value: ""
description: Default
- value: Memory
description: Memory
- variable: size
label: Size quotum of Storage (Do NOT REDUCE after installation)
description: This value can ONLY be INCREASED after the installation
schema:
show_if: [["type", "=", "pvc"]]
type: string
default: 256Gi
- variable: persistenceList
label: Additional App Storage
group: Storage and Persistence
schema:
type: list
default: []
items:
- variable: persistenceListEntry
label: Custom Storage
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable the storage
schema:
type: boolean
default: true
hidden: true
- variable: type
label: Type of Storage
description: Sets the persistence type, Anything other than PVC could break rollback!
schema:
type: string
default: hostPath
enum:
- value: pvc
description: PVC
- value: hostPath
description: Host Path
- value: emptyDir
description: emptyDir
- value: nfs
description: NFS Share
- variable: server
label: NFS Server
schema:
show_if: [["type", "=", "nfs"]]
type: string
default: ""
- variable: path
label: Path on NFS Server
schema:
show_if: [["type", "=", "nfs"]]
type: string
default: ""
- variable: autoPermissions
label: Automatic Permissions Configuration
description: Automatically set permissions
schema:
show_if: [["type", "!=", "pvc"]]
type: dict
additional_attrs: true
attrs:
- variable: enabled
label: enabled
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: chown
label: Run CHOWN
description: |
It will run CHOWN on the path with the given fsGroup
schema:
type: boolean
default: false
- variable: chmod
label: Run CHMOD
description: |
It will run CHMOD on the path with the given value</br>
Format should be 3 digits, e.g. 770
schema:
type: string
valid_chars: '[0-9]{3}'
default: ""
- variable: recursive
label: Recursive
description: |
It will run CHOWN and CHMOD recursively
schema:
type: boolean
default: false
- variable: readOnly
label: Read Only
schema:
type: boolean
default: false
- variable: hostPath
label: Host Path
description: Path inside the container the storage is mounted
schema:
show_if: [["type", "=", "hostPath"]]
type: hostpath
- variable: mountPath
label: Mount Path
description: Path inside the container the storage is mounted
schema:
type: string
default: ""
required: true
valid_chars: '^\/([a-zA-Z0-9._-]+(\s?[a-zA-Z0-9._-]+|\/?))+$'
- variable: medium
label: EmptyDir Medium
schema:
show_if: [["type", "=", "emptyDir"]]
type: string
default: ""
enum:
- value: ""
description: Default
- value: Memory
description: Memory
- variable: size
label: Size Quotum of Storage
schema:
show_if: [["type", "=", "pvc"]]
type: string
default: 256Gi
- variable: ingress
label: ""
group: Ingress
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Ingress"
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable Ingress
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: hosts
label: Hosts
schema:
type: list
default: []
items:
- variable: hostEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: host
label: HostName
schema:
type: string
default: ""
required: true
- variable: paths
label: Paths
schema:
type: list
default: []
items:
- variable: pathEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: path
label: Path
schema:
type: string
required: true
default: "/"
- variable: pathType
label: Path Type
schema:
type: string
required: true
default: Prefix
- variable: certificateIssuer
label: Cert-Manager clusterIssuer
description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
schema:
type: string
default: ""
- variable: middlewares
label: Traefik Middlewares
description: Add previously created Traefik Middlewares to this Ingress
schema:
type: list
default: []
items:
- variable: name
label: Name
schema:
type: string
default: ""
required: true
- variable: advanced
label: Show Advanced Settings
description: Advanced settings are not covered by TrueCharts Support
schema:
type: boolean
default: false
- variable: entrypoint
label: (Advanced) Traefik Entrypoint
description: Entrypoint used by Traefik when using Traefik as Ingress Provider
schema:
type: string
default: websecure
show_if: [["advanced", "=", true]]
required: true
- variable: allowCors
label: "Allow Cross Origin Requests"
schema:
type: boolean
show_if: [["advanced", "=", true]]
default: false
- variable: ingressClassName
label: (Advanced/Optional) IngressClass Name
schema:
type: string
show_if: [["advanced", "=", true]]
default: ""
- variable: tls
label: TLS-Settings
schema:
type: list
show_if: [["advanced", "=", true]]
default: []
items:
- variable: tlsEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: hosts
label: Certificate Hosts
schema:
type: list
default: []
items:
- variable: host
label: Host
schema:
type: string
default: ""
required: true
- variable: certificateIssuer
label: Use Cert-Manager clusterIssuer
description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
schema:
type: string
default: ""
- variable: clusterCertificate
label: 'Cluster Certificate (Advanced)'
description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
schema:
type: string
show_if: [["certificateIssuer", "=", ""]]
default: ""
- variable: secretName
label: 'Use Custom Certificate Secret (Advanced)'
schema:
show_if: [["certificateIssuer", "=", ""]]
type: string
default: ""
- variable: scaleCert
label: 'Use TrueNAS SCALE Certificate (Deprecated)'
schema:
show_if: [["certificateIssuer", "=", ""]]
type: int
$ref:
- "definitions/certificate"
- variable: ingressList
label: Add Manual Custom Ingresses
group: Ingress
schema:
type: list
default: []
items:
- variable: ingressListEntry
label: Custom Ingress
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable Ingress
schema:
type: boolean
default: true
hidden: true
- variable: name
label: Name
schema:
type: string
default: ""
- variable: ingressClassName
label: IngressClass Name
schema:
type: string
default: ""
- variable: allowCors
label: "Allow Cross Origin Requests"
schema:
type: boolean
show_if: [["advanced", "=", true]]
default: false
- variable: hosts
label: Hosts
schema:
type: list
default: []
items:
- variable: hostEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: host
label: HostName
schema:
type: string
default: ""
required: true
- variable: paths
label: Paths
schema:
type: list
default: []
items:
- variable: pathEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: path
label: Path
schema:
type: string
required: true
default: "/"
- variable: pathType
label: Path Type
schema:
type: string
required: true
default: Prefix
- variable: service
label: Linked Service
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Service Name
schema:
type: string
default: ""
- variable: port
label: Service Port
schema:
type: int
- variable: certificateIssuer
label: certificateIssuer
description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates. Cannot be used combined with tls option below'
schema:
type: string
default: ""
- variable: tls
label: TLS-Settings
schema:
type: list
default: []
show_if: [["certificateIssuer", "=", ""]]
items:
- variable: tlsEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: hosts
label: Certificate Hosts
schema:
type: list
default: []
items:
- variable: host
label: Host
schema:
type: string
default: ""
required: true
- variable: certificateIssuer
label: Use Cert-Manager clusterIssuer
description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
schema:
type: string
default: ""
- variable: scaleCert
label: Use TrueNAS SCALE Certificate (Deprecated)
schema:
show_if: [["certificateIssuer", "=", ""]]
type: int
$ref:
- "definitions/certificate"
- variable: clusterCertificate
label: 'Cluster Certificate (Advanced)'
description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
schema:
type: string
show_if: [["certificateIssuer", "=", ""]]
default: ""
- variable: secretName
label: Use Custom Secret (Advanced)
schema:
type: string
show_if: [["certificateIssuer", "=", ""]]
default: ""
- variable: entrypoint
label: Traefik Entrypoint
description: Entrypoint used by Traefik when using Traefik as Ingress Provider
schema:
type: string
default: websecure
required: true
- variable: middlewares
label: Traefik Middlewares
description: Add previously created Traefik Middlewares to this Ingress
schema:
type: list
default: []
items:
- variable: name
label: Name
schema:
type: string
default: ""
required: true
- variable: securityContext
group: Security and Permissions
label: Security Context
schema:
additional_attrs: true
type: dict
attrs:
- variable: container
label: Container
schema:
additional_attrs: true
type: dict
attrs:
# Settings from questions.yaml get appended here on a per-app basis
- variable: runAsUser
label: "runAsUser"
description: "The UserID of the user running the application"
schema:
type: int
default: 568
- variable: runAsGroup
label: "runAsGroup"
description: "The groupID of the user running the application"
schema:
type: int
default: 568
# Settings from questions.yaml get appended here on a per-app basis
- variable: PUID
label: Process User ID - PUID
description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
schema:
type: int
show_if: [["runAsUser", "=", 0]]
default: 568
- variable: UMASK
label: UMASK
description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
schema:
type: string
default: "0022"
- variable: advanced
label: Show Advanced Settings
description: Advanced settings are not covered by TrueCharts Support
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: privileged
label: "Privileged mode"
schema:
type: boolean
default: false
- variable: readOnlyRootFilesystem
label: "ReadOnly Root Filesystem"
schema:
type: boolean
default: true
- variable: pod
label: Pod
schema:
additional_attrs: true
type: dict
attrs:
- variable: fsGroupChangePolicy
label: "When should we take ownership?"
schema:
type: string
default: OnRootMismatch
enum:
- value: OnRootMismatch
description: OnRootMismatch
- value: Always
description: Always
- variable: supplementalGroups
label: Supplemental Groups
schema:
type: list
default: []
items:
- variable: supplementalGroupsEntry
label: Supplemental Group
schema:
type: int
# Settings from questions.yaml get appended here on a per-app basis
- variable: fsGroup
label: "fsGroup"
description: "The group that should own ALL storage."
schema:
type: int
default: 568
- variable: resources
group: Resources and Devices
label: "Resource Limits"
schema:
additional_attrs: true
type: dict
attrs:
- variable: limits
label: Advanced Limit Resource Consumption
schema:
additional_attrs: true
type: dict
attrs:
- variable: cpu
label: CPU
description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/SCALE/validation"
schema:
type: string
default: 4000m
valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- variable: memory
label: RAM
description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/SCALE/validation"
schema:
type: string
default: 8Gi
valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- variable: requests
label: "Minimum Resources Required (request)"
schema:
additional_attrs: true
type: dict
hidden: true
attrs:
- variable: cpu
label: CPU
description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/SCALE/validation"
schema:
type: string
default: 10m
hidden: true
valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- variable: memory
label: "RAM"
description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/SCALE/validation"
schema:
type: string
default: 50Mi
hidden: true
valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- variable: deviceList
label: Mount USB Devices
group: Resources and Devices
schema:
type: list
default: []
items:
- variable: deviceListEntry
label: Device
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable the Storage
schema:
type: boolean
default: true
- variable: type
label: (Advanced) Type of Storage
description: Sets the persistence type
schema:
type: string
default: device
hidden: true
- variable: readOnly
label: readOnly
schema:
type: boolean
default: false
- variable: hostPath
label: Host Device Path
description: Path to the device on the host system
schema:
type: path
- variable: mountPath
label: Container Device Path
description: Path inside the container the device is mounted
schema:
type: string
default: "/dev/ttyACM0"
- variable: scaleGPU
label: GPU Configuration
group: Resources and Devices
schema:
type: list
default: []
items:
- variable: scaleGPUEntry
label: GPU
schema:
additional_attrs: true
type: dict
attrs:
# Specify GPU configuration
- variable: gpu
label: Select GPU
schema:
additional_attrs: true
type: dict
$ref:
- "definitions/gpuConfiguration"
attrs: []
- variable: workaround
label: "Workaround"
schema:
type: string
default: workaround
hidden: true
# - variable: horizontalPodAutoscaler
# group: Advanced
# label: (Advanced) Horizontal Pod Autoscaler
# schema:
# type: list
# default: []
# items:
# - variable: hpaEntry
# label: HPA Entry
# schema:
# additional_attrs: true
# type: dict
# attrs:
# - variable: name
# label: Name
# schema:
# type: string
# required: true
# default: ""
# - variable: enabled
# label: Enabled
# schema:
# type: boolean
# default: false
# show_subquestions_if: true
# subquestions:
# - variable: target
# label: Target
# description: Deployment name, Defaults to Main Deployment
# schema:
# type: string
# default: ""
# - variable: minReplicas
# label: Minimum Replicas
# schema:
# type: int
# default: 1
# - variable: maxReplicas
# label: Maximum Replicas
# schema:
# type: int
# default: 5
# - variable: targetCPUUtilizationPercentage
# label: Target CPU Utilization Percentage
# schema:
# type: int
# default: 80
# - variable: targetMemoryUtilizationPercentage
# label: Target Memory Utilization Percentage
# schema:
# type: int
# default: 80
- variable: networkPolicy
group: Advanced
label: (Advanced) Network Policy
schema:
type: list
default: []
items:
- variable: netPolicyEntry
label: Network Policy Entry
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
default: ""
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: policyType
label: Policy Type
schema:
type: string
default: ""
enum:
- value: ""
description: Default
- value: ingress
description: Ingress
- value: egress
description: Egress
- value: ingress-egress
description: Ingress and Egress
- variable: egress
label: Egress
schema:
type: list
default: []
items:
- variable: egressEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: to
label: To
schema:
type: list
default: []
items:
- variable: toEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: ipBlock
label: IP Block
schema:
additional_attrs: true
type: dict
attrs:
- variable: cidr
label: CIDR
schema:
type: string
default: ""
- variable: except
label: Except
schema:
type: list
default: []
items:
- variable: exceptint
label: ""
schema:
type: string
- variable: namespaceSelector
label: Namespace Selector
schema:
additional_attrs: true
type: dict
attrs:
- variable: matchExpressions
label: Match Expressions
schema:
type: list
default: []
items:
- variable: expressionEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: key
label: Key
schema:
type: string
- variable: operator
label: Operator
schema:
type: string
default: TCP
enum:
- value: In
description: In
- value: NotIn
description: NotIn
- value: Exists
description: Exists
- value: DoesNotExist
description: DoesNotExist
- variable: values
label: Values
schema:
type: list
default: []
items:
- variable: value
label: ""
schema:
type: string
- variable: podSelector
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: matchExpressions
label: Match Expressions
schema:
type: list
default: []
items:
- variable: expressionEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: key
label: Key
schema:
type: string
- variable: operator
label: Operator
schema:
type: string
default: TCP
enum:
- value: In
description: In
- value: NotIn
description: NotIn
- value: Exists
description: Exists
- value: DoesNotExist
description: DoesNotExist
- variable: values
label: Values
schema:
type: list
default: []
items:
- variable: value
label: ""
schema:
type: string
- variable: ports
label: Ports
schema:
type: list
default: []
items:
- variable: portsEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: Port
schema:
type: int
- variable: endPort
label: End Port
schema:
type: int
- variable: protocol
label: Protocol
schema:
type: string
default: TCP
enum:
- value: TCP
description: TCP
- value: UDP
description: UDP
- value: SCTP
description: SCTP
- variable: ingress
label: Ingress
schema:
type: list
default: []
items:
- variable: ingressEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: from
label: From
schema:
type: list
default: []
items:
- variable: fromEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: ipBlock
label: IP Block
schema:
additional_attrs: true
type: dict
attrs:
- variable: cidr
label: CIDR
schema:
type: string
default: ""
- variable: except
label: Except
schema:
type: list
default: []
items:
- variable: exceptint
label: ""
schema:
type: string
- variable: namespaceSelector
label: Namespace Selector
schema:
additional_attrs: true
type: dict
attrs:
- variable: matchExpressions
label: Match Expressions
schema:
type: list
default: []
items:
- variable: expressionEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: key
label: Key
schema:
type: string
- variable: operator
label: Operator
schema:
type: string
default: TCP
enum:
- value: In
description: In
- value: NotIn
description: NotIn
- value: Exists
description: Exists
- value: DoesNotExist
description: DoesNotExist
- variable: values
label: Values
schema:
type: list
default: []
items:
- variable: value
label: ""
schema:
type: string
- variable: podSelector
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: matchExpressions
label: Match Expressions
schema:
type: list
default: []
items:
- variable: expressionEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: key
label: Key
schema:
type: string
- variable: operator
label: Operator
schema:
type: string
default: TCP
enum:
- value: In
description: In
- value: NotIn
description: NotIn
- value: Exists
description: Exists
- value: DoesNotExist
description: DoesNotExist
- variable: values
label: Values
schema:
type: list
default: []
items:
- variable: value
label: ""
schema:
type: string
- variable: ports
label: Ports
schema:
type: list
default: []
items:
- variable: portsEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: Port
schema:
type: int
- variable: endPort
label: End Port
schema:
type: int
- variable: protocol
label: Protocol
schema:
type: string
default: TCP
enum:
- value: TCP
description: TCP
- value: UDP
description: UDP
- value: SCTP
description: SCTP
- variable: identity_providers
group: "Advanced"
label: "Authelia Identity Providers (BETA)"
schema:
additional_attrs: true
type: dict
attrs:
- variable: oidc
label: "OpenID Connect(BETA)"
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: "Enabled"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: access_token_lifespan
label: "Access Token Lifespan"
schema:
type: string
default: "1h"
required: true
- variable: authorize_code_lifespan
label: "Authorize Code Lifespan"
schema:
type: string
default: "1m"
required: true
- variable: id_token_lifespan
label: "ID Token Lifespan"
schema:
type: string
default: "1h"
required: true
- variable: refresh_token_lifespan
label: "Refresh Token Lifespan"
schema:
type: string
default: "90m"
required: true
- variable: enable_client_debug_messages
label: "Enable Client Debug Messages"
schema:
type: boolean
default: false
- variable: clients
label: "Clients"
schema:
type: list
default: []
items:
- variable: clientEntry
label: "Client"
schema:
additional_attrs: true
type: dict
attrs:
- variable: id
label: "ID/Name"
description: "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
schema:
type: string
default: "myapp"
required: true
- variable: description
label: "Description"
description: "The description to show to users when they end up on the consent screen. Defaults to the ID above."
schema:
type: string
default: "My Application"
required: true
- variable: secret
label: "Secret"
description: "The client secret is a shared secret between Authelia and the consumer of this client."
schema:
type: string
default: ""
required: true
- variable: public
label: "public"
description: "Sets the client to public. This should typically not be set, please see the documentation for usage."
schema:
type: boolean
default: false
- variable: authorization_policy
label: "Authorization Policy"
description: "The policy to require for this client; one_factor or two_factor."
schema:
type: string
default: "two_factor"
enum:
- value: "one_factor"
description: "one_factor"
- value: "two_factor"
description: "two_factor"
- variable: consent_mode
label: "Consent Mode"
description: "Configures the consent mode. This can be set to auto (default), explicit (consent required every time) or implicit (automatically assumes consent for every authorization, never asking the user if they wish to give consent.)"
schema:
type: string
default: "auto"
enum:
- value: "auto"
description: "auto"
- value: "explicit"
description: "explicit"
- value: "implicit"
description: "implicit"
- variable: userinfo_signing_algorithm
label: "Userinfo Signing Algorithm"
description: "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
schema:
type: string
default: "none"
enum:
- value: "none"
description: "none"
- value: "RS256"
description: "RS256"
- variable: audience
label: "Audience"
description: "Audience this client is allowed to request."
schema:
type: list
default: []
items:
- variable: audienceEntry
label: ""
schema:
type: string
default: ""
required: true
- variable: scopes
label: "Scopes"
description: "Scopes this client is allowed to request."
schema:
type: list
default: []
items:
- variable: ScopeEntry
label: "Scope"
schema:
type: string
default: "openid"
required: true
- variable: redirect_uris
label: "redirect_uris"
description: "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
schema:
type: list
default: []
items:
- variable: uriEntry
label: "Url"
schema:
type: string
default: "https://oidc.example.com/oauth2/callback"
required: true
- variable: grant_types
description: "Grant Types configures which grants this client can obtain."
label: "grant_types"
schema:
type: list
default: []
items:
- variable: grantEntry
label: "Grant"
schema:
type: string
default: "refresh_token"
required: true
- variable: response_types
description: "Response Types configures which responses this client can be sent."
label: "response_types"
schema:
type: list
default: []
items:
- variable: responseEntry
label: "type"
schema:
type: string
default: "code"
required: true
- variable: response_modes
description: "Response Modes configures which response modes this client supports."
label: "response_modes"
schema:
type: list
default: []
items:
- variable: modeEntry
label: "Mode"
schema:
type: string
default: "form_post"
required: true
- variable: cnpg
group: Postgresql
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Postgresql Database"
schema:
additional_attrs: true
type: dict
attrs:
- variable: instances
label: Instances
schema:
type: int
default: 2
- variable: hibernate
label: Hibernate
description: "enable to safely hibernate and shutdown the postgresql cluster"
schema:
type: boolean
default: false
- variable: storage
label: "Storage"
schema:
additional_attrs: true
type: dict
attrs:
- variable: size
label: Size
schema:
type: string
default: "256Gi"
- variable: walsize
label: Walsize
schema:
type: string
default: "256Gi"
- variable: pooler
label: "Pooler"
schema:
additional_attrs: true
type: dict
attrs:
- variable: instances
label: Instances
schema:
type: int
default: 2
- variable: Monitoring
label: "Metrics"
schema:
additional_attrs: true
type: dict
attrs:
- variable: enablePodMonitor
label: "enablePodMonitor"
schema:
type: boolean
default: true
- variable: addons
group: Addons
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: codeserver
label: Codeserver
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: service
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: type
label: Service Type
description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
schema:
type: string
default: LoadBalancer
enum:
- value: NodePort
description: Deprecated CHANGE THIS
- value: ClusterIP
description: ClusterIP
- value: LoadBalancer
description: LoadBalancer
- variable: loadBalancerIP
label: LoadBalancer IP
description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
schema:
show_if: [["type", "=", "LoadBalancer"]]
type: string
default: ""
- variable: ports
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: codeserver
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: Port
schema:
type: int
default: 36107
- variable: envList
label: Codeserver Environment Variables
schema:
type: list
show_if: [["type", "!=", "disabled"]]
default: []
items:
- variable: envItem
label: Environment Variable
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: value
label: Value
schema:
type: string
required: true
- variable: vpn
label: VPN
schema:
additional_attrs: true
type: dict
attrs:
- variable: type
label: Type
schema:
type: string
default: disabled
enum:
- value: disabled
description: disabled
- value: gluetun
description: Gluetun
- value: tailscale
description: Tailscale
- value: openvpn
description: OpenVPN (Deprecated)
- value: wireguard
description: Wireguard (Deprecated)
- variable: openvpn
label: OpenVPN Settings
schema:
additional_attrs: true
type: dict
show_if: [["type", "=", "openvpn"]]
attrs:
- variable: username
label: Authentication Username (Optional)
description: Authentication Username, Optional
schema:
type: string
default: ""
- variable: password
label: Authentication Password
description: Authentication Credentials
schema:
type: string
show_if: [["username", "!=", ""]]
default: ""
required: true
- variable: tailscale
label: Tailscale Settings
schema:
additional_attrs: true
type: dict
show_if: [["type", "=", "tailscale"]]
attrs:
- variable: authkey
label: Authentication Key
description: Provide an auth key to automatically authenticate the node as your user account.
schema:
type: string
private: true
default: ""
- variable: auth_once
label: Auth Once
description: Only attempt to log in if not already logged in.
schema:
type: boolean
default: true
- variable: accept_dns
label: Accept DNS
description: Accept DNS configuration from the admin console.
schema:
type: boolean
default: false
- variable: userspace
label: Userspace
description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
schema:
type: boolean
default: false
- variable: routes
label: Routes
description: Expose physical subnet routes to your entire Tailscale network.
schema:
type: string
default: ""
- variable: dest_ip
label: Destination IP
description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
schema:
type: string
default: ""
- variable: sock5_server
label: Sock5 Server
description: The address on which to listen for SOCKS5 proxying into the tailscale net.
schema:
type: string
default: ""
- variable: outbound_http_proxy_listen
label: Outbound HTTP Proxy Listen
description: The address on which to listen for HTTP proxying into the tailscale net.
schema:
type: string
default: ""
- variable: extra_args
label: Extra Args
description: Extra Args
schema:
type: string
default: ""
- variable: daemon_extra_args
label: Tailscale Daemon Extra Args
description: Tailscale Daemon Extra Args
schema:
type: string
default: ""
- variable: killSwitch
label: Enable Killswitch
schema:
type: boolean
show_if: [["type", "!=", "disabled"]]
default: true
- variable: excludedNetworks_IPv4
label: Killswitch Excluded IPv4 networks
description: List of Killswitch Excluded IPv4 Addresses
schema:
type: list
show_if: [["type", "!=", "disabled"]]
default: []
items:
- variable: networkv4
label: IPv4 Network
schema:
type: string
required: true
- variable: excludedNetworks_IPv6
label: Killswitch Excluded IPv6 networks
description: "List of Killswitch Excluded IPv6 Addresses"
schema:
type: list
show_if: [["type", "!=", "disabled"]]
default: []
items:
- variable: networkv6
label: IPv6 Network
schema:
type: string
required: true
- variable: configFile
label: VPN Config File Location
schema:
type: string
show_if: [["type", "!=", "disabled"]]
default: ""
- variable: envList
label: VPN Environment Variables
schema:
type: list
show_if: [["type", "!=", "disabled"]]
default: []
items:
- variable: envItem
label: Environment Variable
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: value
label: Value
schema:
type: string
required: true
max_length: 10240
- variable: netshoot
label: Netshoot
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: envList
label: Netshoot Environment Variables
schema:
type: list
show_if: [["type", "!=", "disabled"]]
default: []
items:
- variable: envItem
label: Environment Variable
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: value
label: Value
schema:
type: string
required: true
- variable: docs
group: Documentation
label: Please read the documentation at https://truecharts.org
description: Please read the documentation at
<br /><a href="https://truecharts.org">https://truecharts.org</a>
schema:
additional_attrs: true
type: dict
attrs:
- variable: confirmDocs
label: I have checked the documentation
schema:
type: boolean
default: true
- variable: donateNag
group: Documentation
label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
description: Please consider supporting TrueCharts, see
<br /><a href="https://truecharts.org/sponsor">https://truecharts.org/sponsor</a>
schema:
additional_attrs: true
type: dict
attrs:
- variable: confirmDonate
label: I have considered donating
schema:
type: boolean
default: true
hidden: true