TrueChartsCatalogClone/premium/traefik/27.0.8/questions.yaml

3790 lines
167 KiB
YAML
Executable File
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

groups:
- name: Image
description: |
Configured the images to be used for the Chart.
It's wise to use "digest pinned" tags and to avoid using "latest".
Checkout the following documentation for more information:
- https://truecharts.org/common/#images
- name: General
description: |
For TrueNAS SCALE We've grouped a number of settings here, that all effact how apps run in general.
Checkout the following documentation for more information:
- https://truecharts.org/common/global/
- https://truecharts.org/common/#tz
- https://truecharts.org/common/podoptions/
- Image Pull Secrets
- name: Workload
description: |
These settings configure how the actual Pods and containers are running.
Generally, on SCALE, we only expose a limited subset of these settings for the primary workload and container.
Checkout the following documentation for more information:
- https://truecharts.org/common/workload/
- https://truecharts.org/common/container/
- name: App Configuration
description: |
Every application has different values that may be required to run or have multiple options that the user may choose to enable or disable to change the behavior of the application.
Most options should have a Tooltip (Circled Question Mark) to further describe said option.
To find more information, lookup your chart-specific documentation in the Charts List: https://truecharts.org/charts/description-list/
- name: Services
description: |
Service and Networking options for any applications are contained here.
Some applications may have complicated networking setups with multiple options or some may have no options here at all.
Options here include the service and port configurations for the application, and more may be enabled or changed under the Advanced Settings and Show Expert Config boxes.
Checkout the following documentation for more information:
- https://truecharts.org/common/service/
- name: Networking
description: |
Contains advanced networking options that are not actively supported by the TrueCharts team.
Currently only contains scaleExternalInterfaces.
Checkout the following documentation for more information:
- https://truecharts.org/common/scaleexternalinterface/
- name: Persistence
description: |
Many applications will have certain options for storage to be configurable by the user, the main two being PVC and hostpath but may include other types.
This storage is called Persistence since it is not deleted upon restart or upgrade of an application.
Checkout the following documentation for more information:
- https://truecharts.org/common/persistence/
- https://truecharts.org/scale/guides/nfs-share/
- https://truecharts.org/general/faq/#why-pvc-is-recommended-over-hostpath
- name: Ingress
description: |
Ingress (more commonly known as Reverse Proxy) settings can be configured here. This is how Kubernetes connects your Applications in containers to FQDNs (fully qualified domain names).
If you choose to enable this you must have a "Ingress Provider" aka "Reverse Proxy" installed (We highly advice Traefik: https://truecharts.org/charts/premium/traefik/)
It also requiresa DNS service to actually resolve the DNS name of the FQDN specified.
Checkout the following documentation for more information:
- https://truecharts.org/common/ingress/
- name: SecurityContext
description: |
The security settings for each application and/or permissions that each application may have for the files/directories created.
Each application will come with predefined permissions but users may want to change certain setting depending on their usage or capabilities.
Unless necessary users are advised to keep this section mostly to defaults.
Checkout the following documentation for more information:
- https://truecharts.org/common/securitycontext/
- name: Resources
description: |
Resources limits that have been defined by each application are in this section.
Most will have a specific default that some users may want to change based on their specific hardware or needs.
This also contains the options to mount GPUs or, more precisely, "request" GPU's to be mounted.
Checkout the following documentation for more information:
- https://truecharts.org/common/resources/
- name: Devices
description: |
These are special "mountpoints" that can be used to mount miscelanious USB and PCI devices using special hostPath mounts.
For clearity we've decided to seperate this from persistence on SCALE.
Checkout the following documentation for more information:
- https://truecharts.org/common/persistence/device/
- https://truecharts.org/scale/guides/pci-passthrough/
- name: Middlewares
description: Traefik Middlewares
- name: StorageClass
description: |
StorageClasses define where to storage Storage.
Checkout the following documentation for more information:
- name: Metrics
description: |
Contains options to configure Prometheus metrics for the application.
Checkout the following documentation for more information:
- https://truecharts.org/common/metrics/
- name: Addons
description: |
Addons that are supplied by the TrueCharts team to add additional capabilities for users to use on top of the applications defaults.
Things included here are VPN addons, Codeserver for editing files inside the applications container, Netshoot for network troubelshooting, etc.
Generally not required for use but may be necessary or usefull at times for specific applications.
Checkout the following documentation for more information:
- https://truecharts.org/common/addons/
- https://truecharts.org/scale/guides/vpn-setup/
- name: Experimental
description: |
Experimental Configuration Options
Often these are not fully flushed-out, could randomly break or might not work at-all.
- name: Postgresql
description: |
For Postgresql we use "CloudNative-PG" as a backend, which has to be installed first.
Checkout the following documentation for more information:
- https://truecharts.org/common/cnpg/
- https://truecharts.org/scale/guides/sql-export/
- https://truecharts.org/scale/guides/recover-cnpg/
- name: Dependencies
description: |
contains dependency setting for which we, currently, do not have seperate catagories (yet)
- name: Documentation
description: |
We added this section to make everyone aware that OpenSource isn't always easy.
It doesn't keep existing without signficant ongoing support, so please consider supporting TrueCharts and other OpenSource projects.
Before installing, be sure you've followed the https://truecharts.org/scale/guides/getting-started/
We would also advice going over our https://truecharts.org/scale/guides/scale-intro/
and many of the other documentation pages...
portals:
open:
protocols:
- "$kubernetes-resource_configmap_tcportal-open_protocol"
host:
- "$kubernetes-resource_configmap_tcportal-open_host"
ports:
- "$kubernetes-resource_configmap_tcportal-open_port"
path: "$kubernetes-resource_configmap_tcportal-open_path"
questions:
- variable: global
group: General
label: "Global Settings"
schema:
additional_attrs: true
type: dict
attrs:
- variable: stopAll
label: Stop All
description: "Stops All Running pods and hibernates cnpg"
schema:
type: boolean
default: false
- variable: credentialsList
group: General
label: "Credentials (Experimental)"
schema:
type: list
default: []
items:
- variable: credentialsEntry
label: "Enter Credentials"
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
description: "Name"
schema:
type: string
required: true
default: ""
- variable: type
label: Type
description: "Type of Credential"
schema:
type: string
default: "s3"
enum:
- value: s3
description: s3 Storage
- variable: url
label: "url"
schema:
type: string
default: ""
required: true
- variable: path
label: "path"
description: "Path Prefix not needed for most cases"
schema:
type: string
default: ""
- variable: bucket
label: "bucket"
schema:
show_if: [["type", "=", "s3"]]
type: string
default: ""
required: true
- variable: accessKey
label: "accessKey"
schema:
show_if: [["type", "=", "s3"]]
type: string
default: ""
required: true
- variable: secretKey
label: "secretKey"
schema:
show_if: [["type", "=", "s3"]]
type: string
default: ""
required: true
- variable: encrKey
label: "encrKey"
description: "The Encryption key is needed for tools like volsync if not needed it will be ignored"
schema:
show_if: [["type", "=", "s3"]]
type: string
default: "MYSECRETPASSPHRASE"
required: true
- variable: workload
group: "Workload"
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: type
label: Type (Advanced)
schema:
type: string
default: Deployment
enum:
- value: Deployment
description: Deployment
- value: DaemonSet
description: DaemonSet
- variable: replicas
label: Replicas (Advanced)
description: Set the number of Replicas
schema:
type: int
show_if: [["type", "!=", "DaemonSet"]]
default: 1
- variable: podSpec
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: containers
label: Containers
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: Main Container
schema:
additional_attrs: true
type: dict
attrs:
- variable: envList
label: Extra Environment Variables
description: "Please be aware that some variables are set in the background, adding duplicates here might cause issues or prevent the app from starting..."
schema:
type: list
default: []
items:
- variable: envItem
label: Environment Variable
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
- variable: value
label: Value
schema:
type: string
- variable: extraArgs
label: Extra Args
schema:
type: list
default: []
items:
- variable: arg
label: Arg
schema:
type: string
- variable: advanced
label: Show Advanced Settings
description: Advanced settings are not covered by TrueCharts Support
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: command
label: Command
schema:
type: list
default: []
items:
- variable: param
label: Param
schema:
type: string
- variable: TZ
label: Timezone
group: "General"
schema:
type: string
default: "Etc/UTC"
$ref:
- "definitions/timezone"
- variable: podOptions
group: "General"
label: "Global Pod Options (Advanced)"
schema:
additional_attrs: true
type: dict
attrs:
- variable: expertPodOpts
label: "Expert - Pod Options"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: hostNetwork
label: "Host Networking"
schema:
type: boolean
default: false
- variable: dnsConfig
label: "DNS Configuration"
schema:
type: dict
additional_attrs: true
attrs:
- variable: options
label: "Options"
schema:
type: list
default: [{"name": "ndots", "value": "1"}]
items:
- variable: optionsEntry
label: "Option Entry"
schema:
type: dict
additional_attrs: true
attrs:
- variable: name
label: "Name"
schema:
type: string
required: true
- variable: value
label: "Value"
schema:
type: string
- variable: nameservers
label: "Nameservers"
schema:
type: list
default: []
items:
- variable: nsEntry
label: "Nameserver Entry"
schema:
type: string
required: true
- variable: searches
label: "Searches"
schema:
type: list
default: []
items:
- variable: searchEntry
label: "Search Entry"
schema:
type: string
required: true
- variable: imagePullSecretList
group: "General"
label: "Image Pull Secrets"
schema:
type: list
default: []
items:
- variable: pullsecretentry
label: "Pull Secret"
schema:
type: dict
additional_attrs: true
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: true
- variable: data
label: Data
schema:
type: dict
additional_attrs: true
attrs:
- variable: registry
label: "Registry"
schema:
type: string
required: true
default: "https://index.docker.io/v1/"
- variable: username
label: "Username"
schema:
type: string
required: true
default: ""
- variable: password
label: "Password"
schema:
type: string
required: true
private: true
default: ""
- variable: email
label: "Email"
schema:
type: string
required: true
default: ""
- variable: expertIngressClass
label: Expert Mode
group: App Configuration
description: |
Expert Mode contains settings like: </br>
- IngressClass </br>
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: ingressClass
label: "ingressClass"
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: "Enable"
description: "When enabled, ingressClass will match the entered name of this app"
schema:
type: boolean
default: false
- variable: isDefaultClass
label: "isDefaultClass"
schema:
type: boolean
show_if: [["enabled", "=", true]]
default: false
- variable: logs
label: "Logs"
group: "App Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: general
label: "General Logs"
schema:
additional_attrs: true
type: dict
attrs:
- variable: level
label: "Log Level"
schema:
type: string
default: "ERROR"
enum:
- value: "INFO"
description: "Info"
- value: "WARN"
description: "Warnings"
- value: "ERROR"
description: "Errors"
- value: "FATAL"
description: "Fatal Errors"
- value: "PANIC"
description: "Panics"
- value: "DEBUG"
description: "Debug"
- variable: format
label: "General Log format"
schema:
type: string
default: "common"
enum:
- value: "common"
description: "Common Log Format"
- value: "json"
description: "JSON"
- variable: access
label: "Access Logs"
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: "Enable"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: enabledFilters
label: "Enable Filters"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: filters
label: "Filters"
schema:
additional_attrs: true
type: dict
attrs:
- variable: statuscodes
label: "Status codes"
schema:
type: string
default: "200,300-302"
- variable: retryattempts
label: "retryattempts"
schema:
type: boolean
default: true
- variable: minduration
label: "minduration"
schema:
type: string
default: "10ms"
- variable: fields
label: "Fields"
schema:
additional_attrs: true
type: dict
attrs:
- variable: general
label: "General"
schema:
additional_attrs: true
type: dict
attrs:
- variable: defaultmode
label: "Default Mode"
schema:
type: string
default: "keep"
enum:
- value: "keep"
description: "Keep"
- value: "drop"
description: "Drop"
- variable: headers
label: "Headers"
schema:
additional_attrs: true
type: dict
attrs:
- variable: defaultmode
label: "Default Mode"
schema:
type: string
default: "drop"
enum:
- value: "keep"
description: "Keep"
- value: "drop"
description: "Drop"
- variable: format
label: "Access Log format"
schema:
type: string
default: "common"
enum:
- value: "common"
description: "Common Log Format"
- value: "json"
description: "JSON"
- variable: middlewares
label: ""
group: "Middlewares"
schema:
additional_attrs: true
type: dict
attrs:
- variable: basicAuth
label: basicAuth
schema:
type: list
default: []
items:
- variable: basicAuthEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
default: ""
- variable: users
label: Users
schema:
type: list
default: []
items:
- variable: usersEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: username
label: Username
schema:
type: string
required: true
default: ""
- variable: password
label: Password
schema:
type: string
required: true
default: ""
- variable: forwardAuth
label: forwardAuth
schema:
type: list
default: []
items:
- variable: basicAuthEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
default: ""
- variable: address
label: Address
schema:
type: string
required: true
default: ""
- variable: trustForwardHeader
label: trustForwardHeader
schema:
type: boolean
default: false
- variable: tls
label: TLS
schema:
additional_attrs: true
type: dict
attrs:
- variable: insecureSkipVerify
label: insecureSkipVerify (expert)
description: >-
This disables all TLS certificate validation on communications with the authentication endpoint.
This could be a security risk and should only be used if you know what you are doing.
schema:
type: boolean
default: false
- variable: authResponseHeadersRegex
label: authResponseHeadersRegex
schema:
type: string
default: ""
- variable: authResponseHeaders
label: authResponseHeaders
schema:
type: list
default: []
items:
- variable: authResponseHeadersEntry
label: ""
schema:
type: string
default: ""
- variable: authRequestHeaders
label: authRequestHeaders
schema:
type: list
default: []
items:
- variable: authRequestHeadersEntry
label: ""
schema:
type: string
default: ""
- variable: buffering
label: Buffering
schema:
type: list
default: []
items:
- variable: bufferingEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: maxRequestBodyBytes
label: Max Request Body Bytes
description: Leave empty and it won't be set
schema:
type: string
valid_chars: '^[0-9]*$'
default: ""
- variable: memRequestBodyBytes
label: Mem Request Body Bytes
description: Leave empty and it won't be set
schema:
type: string
valid_chars: '^[0-9]*$'
default: ""
- variable: maxResponseBodyBytes
label: Max Response Body Bytes
description: Leave empty and it won't be set
schema:
type: string
valid_chars: '^[0-9]*$'
default: ""
- variable: memResponseBodyBytes
label: Mem Response Body Bytes
description: Leave empty and it won't be set
schema:
type: string
valid_chars: '^[0-9]*$'
default: ""
- variable: retryExpression
label: Retry Expression
description: Leave empty and it won't be set
schema:
type: string
default: ""
- variable: customRequestHeaders
label: Custom Request Headers
schema:
type: list
default: []
items:
- variable: customRequestHeadersEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: headers
label: Headers to Add
schema:
type: list
default: []
items:
- variable: headersEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Header Name
description: Name of custom header to be added to requests, eg. X-Custom-Header
schema:
valid_chars: ^[a-zA-Z0-9_\-]*$
type: string
required: true
default: ""
- variable: value
label: Header Value
description: The value of the header. If the value is empty, the header will be removed.
schema:
type: string
default: ""
- variable: customResponseHeaders
label: Custom Response Headers
schema:
type: list
default: []
items:
- variable: customResponseHeadersEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: headers
label: Headers to Add
schema:
type: list
default: []
items:
- variable: headersEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Header Name
description: Name of custom header to be added to responses, eg. X-Custom-Header
schema:
valid_chars: ^[a-zA-Z0-9_\-]*$
type: string
required: true
default: ""
- variable: value
label: Header Value
description: The value of the header. If the value is empty, the header will be removed.
schema:
type: string
default: ""
- variable: rewriteResponseHeaders
label: Rewrite Response Headers
schema:
type: list
default: []
items:
- variable: rewriteResponseHeadersEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: headers
label: Headers To Rewrite
schema:
type: list
default: []
items:
- variable: headersEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Header Name
description: Name of a header to modified in responses, eg. X-Custom-Header
schema:
valid_chars: ^[a-zA-Z0-9_\-]*$
type: string
required: true
default: ""
- variable: regex
label: Regex
description: The value of the header to match. Accepts regex expression.
schema:
type: string
default: ""
- variable: replacement
label: Replacement Regex
description: The new value of the header. Accepts regex expression.
schema:
type: string
default: ""
- variable: customFrameOptionsValue
label: Custom Frame Options Value
schema:
type: list
default: []
items:
- variable: customFrameOptionsValueEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: value
label: X-Frame-Options Header Value
description: The value of the header.
schema:
type: string
required: true
default: ""
- variable: chain
label: Chain
schema:
type: list
default: []
items:
- variable: chainEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: middlewares
label: Middlewares to Chain
schema:
type: list
default: []
items:
- variable: name
label: Name
schema:
type: string
required: true
default: ""
- variable: redirectScheme
label: redirectScheme
schema:
type: list
default: []
items:
- variable: redirectSchemeEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: scheme
label: Scheme
schema:
type: string
required: true
default: https
enum:
- value: https
description: https
- value: http
description: http
- variable: permanent
label: Permanent
schema:
type: boolean
default: false
- variable: rateLimit
label: rateLimit
schema:
type: list
default: []
items:
- variable: rateLimitEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: average
label: Average
schema:
type: int
required: true
default: 300
- variable: burst
label: Burst
schema:
type: int
required: true
default: 200
- variable: redirectRegex
label: redirectRegex
schema:
type: list
default: []
items:
- variable: redirectRegexEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: regex
label: Regex
schema:
type: string
required: true
default: ""
- variable: replacement
label: Replacement
schema:
type: string
required: true
default: ""
- variable: permanent
label: Permanent
schema:
type: boolean
default: false
- variable: stripPrefixRegex
label: stripPrefixRegex
schema:
type: list
default: []
items:
- variable: stripPrefixRegexEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: regex
label: Regex
schema:
type: list
default: []
items:
- variable: regexEntry
label: Regex
schema:
type: string
required: true
default: ""
- variable: ipWhiteList
label: ipWhiteList
schema:
type: list
default: []
items:
- variable: ipWhiteListEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
default: ""
- variable: sourceRange
label: Source Range
schema:
type: list
default: []
items:
- variable: sourceRangeEntry
label: ""
schema:
type: string
required: true
default: ""
- variable: ipStrategy
label: IP Strategy
schema:
additional_attrs: true
type: dict
attrs:
- variable: depth
label: Depth
schema:
type: int
required: true
- variable: excludedIPs
label: Excluded IPs
schema:
type: list
default: []
items:
- variable: excludedIPsEntry
label: ""
schema:
type: string
required: true
default: ""
- variable: themePark
label: theme.park
schema:
type: list
default: []
items:
- variable: themeParkEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
description: This is a 3rd party plugin and not maintained by TrueCharts,
for more information go to <a href="https://github.com/packruler/traefik-themepark">traefik-themepark</a>
schema:
type: string
required: true
default: ""
- variable: appName
label: App Name
description: Lower case, name of the app to be themed.
<br />Go to <a href="https://docs.theme-park.dev/themes/">https://docs.theme-park.dev/themes/</a> to see supported apps.
schema:
type: string
required: true
default: ""
- variable: themeName
label: Theme Name
description: Lower case, name of the theme to be applied.
<br />Go to <a href="https://docs.theme-park.dev/theme-options/">https://docs.theme-park.dev/theme-options/</a> to see supported themes.
schema:
type: string
required: true
default: ""
- variable: baseUrl
label: Base URL
description: Replace `https://theme-park.dev` URL for self-hosting reference.
schema:
type: string
required: true
default: https://theme-park.dev
- variable: addons
label: Addons
schema:
type: list
default: []
items:
- variable: addonEntry
label: Addon
description: Currently only supports 'darker' and '4k-logo' for *arr apps.
<br />Go to <a href="https://docs.theme-park.dev/themes/addons/">https://docs.theme-park.dev/themes/addons/</a> for Addon information.
<br />Go to <a href="https://github.com/packruler/traefik-themepark">https://github.com/packruler/traefik-themepark</a> for more context on plugin
schema:
type: string
required: true
default: ""
- variable: realIP
label: Real IP
schema:
type: list
default: []
items:
- variable: realIPEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
default: ""
- variable: excludedNetworks
label: Excluded Networks
schema:
type: list
default: []
items:
- variable: excludedNetEntry
label: Excluded Network Entry
description: Network to exclude setting it to X-Real-Ip
schema:
type: string
required: true
default: ""
- variable: geoBlock
label: GeoBlock
schema:
type: list
default: []
items:
- variable: geoBlockEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
description: This is a 3rd party plugin and not maintained by TrueCharts,
for more information go to <a href="https://github.com/PascalMinder/geoblock">geoblock</a>
schema:
type: string
required: true
default: ""
- variable: allowLocalRequests
label: Allow Local Requests
description: If set to true, will not block request from Private IP Ranges
schema:
type: boolean
default: true
- variable: logLocalRequests
label: Log Local Requests
description: If set to true, will log every connection from any IP in the private IP range
schema:
type: boolean
default: false
- variable: logAllowedRequests
label: Log Allowed Requests
description: If set to true, will show a log message with the IP and the country of origin if a request is allowed.
schema:
type: boolean
default: false
- variable: logApiRequests
label: Log API Requests
description: If set to true, will show a log message for every API hit.
schema:
type: boolean
default: false
- variable: api
label: API
description: Defines the API URL for the IP to Country resolution. The IP to fetch can be added with {ip} to the URL.
schema:
type: string
required: true
default: https://get.geojs.io/v1/ip/country/{ip}
- variable: apiTimeoutMs
label: API Timeout in ms
description: Timeout for the call to the api uri.
schema:
type: int
required: true
default: 500
- variable: cacheSize
label: Cache Size
description: Defines the max size of the LRU (least recently used) cache.
schema:
type: int
required: true
default: 25
- variable: forceMonthlyUpdate
label: Force Monthly Update
description: Even if an IP stays in the cache for a period of a month (about 30 x 24 hours), it must be fetch again after a month.
schema:
type: boolean
default: true
- variable: allowUnknownCountries
label: Allow Unknown Countries
description: Some IP addresses have no country associated with them. If this option is set to true, all IPs with no associated country are also allowed.
schema:
type: boolean
default: false
- variable: unknownCountryApiResponse
label: Unknown Countries API Response
description: The API uri can be customized. This options allows to customize the response string of the API when a IP with no associated country is requested.
schema:
type: string
required: true
default: nil
- variable: blackListMode
label: Blacklist Mode
description: When set to true the filter logic is inverted, i.e. requests originating from countries listed in the countries list are blocked.
schema:
type: boolean
default: false
- variable: countries
description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
label: Countries
schema:
type: list
default: []
items:
- variable: countryEntry
label: Country
description: Country codes (2 characters) from which connections to the service should be allowed or blocked, based on the mode.
schema:
type: string
required: true
# Allow only 2 Characters
valid_chars: '^[a-zA-Z]{2}$'
default: ""
- variable: addPrefix
label: Add Prefix
schema:
type: list
default: []
items:
- variable: addPrefixEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
default: ""
- variable: prefix
label: Prefix
schema:
type: string
required: true
default: ""
- variable: modsecurity
label: modsecurity
schema:
type: list
default: []
items:
- variable: modsecurityEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
description: This is a 3rd party plugin and not maintained by TrueCharts,
for more information go to <a href="https://github.com/acouvreur/traefik-modsecurity-plugin">traefik-modsecurity-plugin</a>
schema:
type: string
required: true
default: ""
- variable: modSecurityUrl
label: ModSecurity Url
description: It's the URL for the owasp/modsecurity container.
schema:
type: string
required: true
default: "https://someurl"
- variable: timeoutMillis
label: timeout Millis
description: timeout in milliseconds for the http client to talk with modsecurity container. (
schema:
type: int
required: true
default: 2
- variable: maxBodySize
label: maxBody Size
description: it's the maximum limit for requests body size. Requests exceeding this value will be rejected using HTTP 413 Request Entity Too Large. Zero means "use default value".
schema:
type: int
required: true
default: 0
- variable: bouncer
label: "Crowdsec Bouncer (experimental)"
schema:
type: list
default: []
items:
- variable: crowdsecEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: logLevel
label: Log Verbosity Level
description: How description the logs are, from info to debug.
schema:
type: string
required: true
default: info
enum:
- value: INFO
description: info
- value: WARNING
description: warning
- value: ERROR
description: error
- value: PANIC
description: panic
- value: DEBUG
description: debug
- value: FATAL
description: fatal
- variable: updateIntervalSeconds
label: Update Interval in Seconds
description:
schema:
type: int
default: 60
- variable: defaultDecisionSeconds
label: Time to take Crowdsec Decisions in Seconds
description:
schema:
type: int
default: 60
- variable: httpTimeoutSeconds
label: HTTP Timeout in Seconds
description:
schema:
type: int
default: 10
- variable: crowdsecMode
label: Crowdsec Mode
description:
schema:
type: string
default: "live"
- variable: crowdsecAppsecEnabled
label: Crowdsec App Security
description:
schema:
type: boolean
default: false
- variable: crowdsecAppsecHost
label: Crowdsec App Security Host
description: Enter Crowdsec App Host URL such as cowdsec:7432
schema:
type: string
default: ""
- variable: crowdsecAppsecFailureBlock
label: Crowdsec App Security Failure Block
description:
schema:
type: boolean
default: true
- variable: crowdsecLapiHost
label: Crowdsec App Lapi Host
description: Enter Crowdsec LAPI Host URL such as cowdsec:8080
schema:
type: string
default: ""
- variable: crowdsecLapiScheme
label: Crowdsec App Lapi Scheme
description: Enter Crowdsec LAPI HTTP Sheme
schema:
type: string
default: "http"
- variable: crowdsecLapiTLSInsecureVerify
label: Crowdsec App Lapi TLS Insecure Verify
description: Verifies if TLS is verfied
schema:
type: boolean
default: false
- variable: crowdsecCapiMachineId
label: Crowdsec Capi Machine ID
description: Enter Crowdsec CAPI Machine ID
schema:
type: string
default: ""
- variable: crowdsecCapiMachinePassword
label: Crowdsec Capi Machine Password
description: Enter Crowdsec CAPI Machine Password
schema:
type: string
private: true
default: ""
- variable: crowdsecCapiScenarios
label: Crodsec Capi Scenarios
description: Enter Crowdsec Capi Scenarios
schema:
type: list
default: [["crowdsecurity/http-path-traversal-probing", "crowdsecurity/http-xss-probing", "crowdsecurity/http-generic-bf"]]
items:
- variable: crowdsecCapiScenariosEntry
label: Crodsec Capi Scenarios Entry
schema:
type: string
default: ""
- variable: forwardedHeadersTrustedIPs
label: Crowdsec Forwarded Headers Trusted Ips
description: Enter Crowdsec forwarded trusted helpers such as 10.0.10.23/32, 10.0.20.0/24
schema:
type: list
default: []
items:
- variable: forwardedHeadersTrustedIPsEntry
label: Crowdsec Forwarded Headers Trusted Ips Entry
schema:
type: string
default: ""
- variable: clientTrustedIPs
label: Crowdsec client Trusted Ips
description: Enter Crowdsec client trusted IPs as 192.168.1.0/24
schema:
type: list
default: []
items:
- variable: clientTrustedIPsEntry
label: Crowdsec client Trusted Ips Entry
schema:
type: string
default: ""
- variable: forwardedHeadersCustomName
label: Forward
description: Enter Crowdsec CAPI Machine ID
schema:
type: string
default: "X-Custom-Header"
- variable: service
group: Services
label: Configure Service(s)
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Service"
description: "The Primary service on which the healthcheck runs, often the webUI"
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable the Service
schema:
type: boolean
default: true
hidden: true
- variable: type
label: Service Type
description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
schema:
type: string
default: LoadBalancer
enum:
- value: LoadBalancer
description: LoadBalancer (Expose Ports)
- value: ClusterIP
description: ClusterIP (Do Not Expose Ports)
- variable: loadBalancerIP
label: LoadBalancer IP
description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
schema:
show_if: [["type", "=", "LoadBalancer"]]
type: string
default: ""
- variable: ports
label: "Service's Port(s) Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Entrypoint Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: "Entrypoints Port"
schema:
type: int
default: 9000
required: true
- variable: tcp
label: "TCP Service"
description: "The tcp Entrypoint service"
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable the Service
schema:
type: boolean
default: true
hidden: true
- variable: type
label: Service Type
description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
schema:
type: string
default: LoadBalancer
enum:
- value: LoadBalancer
description: LoadBalancer (Expose Ports)
- value: ClusterIP
description: ClusterIP (Do Not Expose Ports)
- variable: loadBalancerIP
label: LoadBalancer IP
description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
schema:
show_if: [["type", "=", "LoadBalancer"]]
type: string
default: ""
- variable: ports
label: "Service's Port(s) Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: web
label: "web Entrypoint Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: "Entrypoints Port"
schema:
type: int
default: 80
required: true
- variable: advanced
label: Show Advanced Settings
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: redirectPort
label: "Redirect to Port"
schema:
type: int
- variable: redirectTo
label: "Redirect to Entrypoint"
schema:
type: string
default: "websecure"
- variable: forwardedHeaders
label: Accept Forwarded Headers
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: trustedIPs
label: Trusted IPs
description: Trust Forwarded Headers from specific IPs.
schema:
type: list
default: []
items:
- variable: trustedIPsEntry
label: ""
schema:
type: string
required: true
default: ""
- variable: insecureMode
label: Insecure Mode
description: Always Trust Forwarded Headers
schema:
type: boolean
default: false
- variable: proxyProtocol
label: Accept Proxy Protocol connections
description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: trustedIPs
label: Trusted IPs
description: Only IPs in trustedIPs will lead to remote client address replacement
schema:
type: list
default: []
items:
- variable: trustedIPsEntry
label: ""
schema:
type: string
required: true
default: ""
- variable: insecureMode
label: Insecure Mode
description: Trust every incoming connection
schema:
type: boolean
default: false
- variable: websecure
label: "websecure Entrypoints Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: "Entrypoints Port"
schema:
type: int
default: 443
required: true
- variable: advanced
label: Show Advanced Settings
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: redirectPort
label: "Redirect to Port"
schema:
type: int
- variable: redirectTo
label: "Redirect to Entrypoint"
schema:
type: string
- variable: forwardedHeaders
label: Accept Forwarded Headers
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: trustedIPs
label: Trusted IPs
description: Trust Forwarded Headers from specific IPs.
schema:
type: list
default: []
items:
- variable: trustedIPsEntry
label: ""
schema:
type: string
required: true
default: ""
- variable: insecureMode
label: Insecure Mode
description: Always Trust Forwarded Headers
schema:
type: boolean
default: false
- variable: proxyProtocol
label: Accept Proxy Protocol connections
description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: trustedIPs
label: Trusted IPs
description: Only IPs in trustedIPs will lead to remote client address replacement
schema:
type: list
default: []
items:
- variable: trustedIPsEntry
label: ""
schema:
type: string
required: true
default: ""
- variable: insecureMode
label: Insecure Mode
description: Trust every incoming connection
schema:
type: boolean
default: false
- variable: tls
label: "websecure Entrypoints Configuration"
schema:
additional_attrs: true
type: dict
hidden: true
attrs:
- variable: enabled
label: "Enabled"
schema:
type: boolean
default: true
hidden: true
- variable: portsList
label: "Additional TCP Entrypoints"
schema:
type: list
default: []
items:
- variable: portsListEntry
label: "Custom Entrypoints"
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: "Enable the port"
schema:
type: boolean
default: true
hidden: true
- variable: name
label: "Entrypoints Name"
schema:
type: string
default: ""
- variable: protocol
label: "Entrypoints Type"
schema:
type: string
default: "tcp"
enum:
- value: http
description: "HTTP"
- value: "https"
description: "HTTPS"
- value: tcp
description: "TCP"
- variable: port
label: "Port"
description: "This port exposes the container port on the service"
schema:
type: int
required: true
- variable: tls
label: "websecure Entrypoints Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: "Enabled"
schema:
type: boolean
default: true
- variable: redirectPort
label: "Redirect to Port"
schema:
type: int
- variable: redirectTo
label: "Redirect to Entrypoint"
schema:
type: string
- variable: forwardedHeaders
label: Accept Forwarded Headers
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: trustedIPs
label: Trusted IPs
description: Trust Forwarded Headers from specific IPs.
schema:
type: list
default: []
items:
- variable: trustedIPsEntry
label: ""
schema:
type: string
required: true
default: ""
- variable: insecureMode
label: Insecure Mode
description: Always Trust Forwarded Headers
schema:
type: boolean
default: false
- variable: proxyProtocol
label: Accept Proxy Protocol connections
description: If Proxy Protocol header parsing is enabled for the entry point, this entry point can accept connections with or without Proxy Protocol headers.
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: trustedIPs
label: Trusted IPs
description: Only IPs in trustedIPs will lead to remote client address replacement
schema:
type: list
default: []
items:
- variable: trustedIPsEntry
label: ""
schema:
type: string
required: true
default: ""
- variable: insecureMode
label: Insecure Mode
description: Trust every incoming connection
schema:
type: boolean
default: false
- variable: ingress
label: ""
group: Ingress
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: "Main Ingress"
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable Ingress
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: hosts
label: Hosts
schema:
type: list
default: []
items:
- variable: hostEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: host
label: HostName
schema:
type: string
default: ""
required: true
- variable: paths
label: Paths
schema:
type: list
default: [{path: "/", pathType: "Prefix"}]
items:
- variable: pathEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: path
label: Path
schema:
type: string
required: true
default: "/"
- variable: pathType
label: Path Type
schema:
type: string
required: true
default: Prefix
- variable: integrations
label: Integrations
description: Connect ingress with other charts
schema:
additional_attrs: true
type: dict
attrs:
- variable: traefik
label: Traefik
description: Connect ingress with Traefik
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: enabled
schema:
type: boolean
default: true
- variable: allowCors
label: 'Allow Cross Origin Requests (advanced)'
schema:
type: boolean
default: false
show_if: [["enabled", "=", true]]
- variable: entrypoints
label: Entrypoints
schema:
type: list
default: ["websecure"]
show_if: [["enabled", "=", true]]
items:
- variable: entrypoint
label: Entrypoint
schema:
type: string
- variable: middlewares
label: Middlewares
schema:
type: list
default: []
show_if: [["enabled", "=", true]]
items:
- variable: middleware
label: Middleware
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: name
schema:
type: string
default: ""
required: true
- variable: namespace
label: 'namespace (optional)'
schema:
type: string
default: ""
- variable: certManager
label: certManager
description: Connect ingress with certManager
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: enabled
schema:
type: boolean
default: false
- variable: certificateIssuer
label: certificateIssuer
description: defaults to chartname
schema:
type: string
default: ""
show_if: [["enabled", "=", true]]
- variable: homepage
label: Homepage
description: Connect ingress with Homepage
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: enabled
schema:
type: boolean
default: false
- variable: name
label: Name (Optional)
description: Defaults to chart name
schema:
type: string
default: ""
show_if: [["enabled", "=", true]]
- variable: description
label: Description (Optional)
description: Defaults to chart description
schema:
type: string
default: ""
show_if: [["enabled", "=", true]]
- variable: icon
label: Icon (Optional)
description: Defaults to chart icon
schema:
type: string
default: ""
show_if: [["enabled", "=", true]]
- variable: group
label: Group
schema:
type: string
required: true
default: "default"
show_if: [["enabled", "=", true]]
- variable: widget
label: Widget Settings
schema:
type: dict
additional_attrs: true
show_if: [["enabled", "=", true]]
attrs:
- variable: enabled
label: Enable Widget
description: When disabled all widget annotations are skipped.
schema:
type: boolean
default: true
- variable: custom
label: Options
schema:
type: dict
additional_attrs: true
attrs:
- variable: key
label: API-key (key)
schema:
type: string
default: ""
- variable: customkv
label: Custom Options
schema:
type: list
default: []
items:
- variable: option
label: Option
schema:
additional_attrs: true
type: dict
attrs:
- variable: key
label: Key
schema:
type: string
default: ""
required: true
- variable: value
label: Value
schema:
type: string
default: ""
required: true
- variable: advanced
label: Show Advanced Settings
description: Advanced settings are not covered by TrueCharts Support
schema:
type: boolean
default: false
- variable: ingressClassName
label: (Advanced/Optional) IngressClass Name
schema:
type: string
show_if: [["advanced", "=", true]]
default: ""
- variable: tls
label: TLS-Settings
schema:
type: list
show_if: [["advanced", "=", true]]
default: []
items:
- variable: tlsEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: hosts
label: Certificate Hosts
schema:
type: list
default: []
items:
- variable: host
label: Host
schema:
type: string
default: ""
required: true
- variable: certificateIssuer
label: Use Cert-Manager clusterIssuer
description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
schema:
type: string
default: ""
- variable: clusterCertificate
label: 'Cluster Certificate (Advanced)'
description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
schema:
type: string
show_if: [["certificateIssuer", "=", ""]]
default: ""
- variable: secretName
label: 'Use Custom Certificate Secret (Advanced)'
schema:
show_if: [["certificateIssuer", "=", ""]]
type: string
default: ""
- variable: ingressList
label: Add Manual Custom Ingresses
group: Ingress
schema:
type: list
default: []
items:
- variable: ingressListEntry
label: Custom Ingress
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable Ingress
schema:
type: boolean
default: true
hidden: true
- variable: name
label: Name
schema:
type: string
default: ""
- variable: ingressClassName
label: IngressClass Name
schema:
type: string
default: ""
- variable: hosts
label: Hosts
schema:
type: list
default: []
items:
- variable: hostEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: host
label: HostName
schema:
type: string
default: ""
required: true
- variable: paths
label: Paths
schema:
type: list
default: []
items:
- variable: pathEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: path
label: Path
schema:
type: string
required: true
default: "/"
- variable: pathType
label: Path Type
schema:
type: string
required: true
default: Prefix
- variable: overrideService
label: Linked Service
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Service Name
schema:
type: string
default: ""
- variable: port
label: Service Port
schema:
type: int
- variable: tls
label: TLS-Settings
schema:
type: list
default: []
show_if: [["certificateIssuer", "=", ""]]
items:
- variable: tlsEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: hosts
label: Certificate Hosts
schema:
type: list
default: []
items:
- variable: host
label: Host
schema:
type: string
default: ""
required: true
- variable: certificateIssuer
label: Use Cert-Manager clusterIssuer
description: 'add the name of your Cert-Manager clusterIssuer here for automatic tls certificates.'
schema:
type: string
default: ""
- variable: clusterCertificate
label: 'Cluster Certificate (Advanced)'
description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
schema:
type: string
show_if: [["certificateIssuer", "=", ""]]
default: ""
- variable: secretName
label: Use Custom Secret (Advanced)
schema:
type: string
show_if: [["certificateIssuer", "=", ""]]
default: ""
- variable: integrations
label: Integrations
description: Connect ingress with other charts
schema:
additional_attrs: true
type: dict
attrs:
- variable: traefik
label: Traefik
description: Connect ingress with Traefik
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: enabled
schema:
type: boolean
default: true
- variable: allowCors
label: "Allow Cross Origin Requests"
schema:
type: boolean
default: false
show_if: [["enabled", "=", true]]
- variable: entrypoints
label: Entrypoints
schema:
type: list
default: ["websecure"]
show_if: [["enabled", "=", true]]
items:
- variable: entrypoint
label: Entrypoint
schema:
type: string
- variable: middlewares
label: Middlewares
schema:
type: list
default: []
show_if: [["enabled", "=", true]]
items:
- variable: middleware
label: Middleware
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: name
schema:
type: string
default: ""
required: true
- variable: namespace
label: namespace
schema:
type: string
default: ""
- variable: certManager
label: certManager
description: Connect ingress with certManager
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: enabled
schema:
type: boolean
default: true
- variable: certificateIssuer
label: certificateIssuer
description: defaults to chartname
schema:
type: string
default: ""
show_if: [["enabled", "=", true]]
- variable: homepage
label: Homepage
description: Connect ingress with Homepage
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: enabled
schema:
type: boolean
default: false
- variable: name
label: Name
description: defaults to chartname
schema:
type: string
default: ""
show_if: [["enabled", "=", true]]
- variable: description
label: Description
description: defaults to chart description
schema:
type: string
default: ""
show_if: [["enabled", "=", true]]
- variable: group
label: Group
schema:
type: string
required: true
default: "default"
show_if: [["enabled", "=", true]]
- variable: securityContext
group: SecurityContext
label: Security Context
schema:
additional_attrs: true
type: dict
attrs:
- variable: container
label: Container
schema:
additional_attrs: true
type: dict
attrs:
# Settings from questions.yaml get appended here on a per-app basis
- variable: runAsUser
label: "runAsUser"
description: "The UserID of the user running the application"
schema:
type: int
default: 568
- variable: runAsGroup
label: "runAsGroup"
description: "The groupID of the user running the application"
schema:
type: int
default: 568
# Settings from questions.yaml get appended here on a per-app basis
- variable: PUID
label: Process User ID - PUID
description: When supported by the container, this sets the User ID running the Application Process. Not supported by all Apps
schema:
type: int
show_if: [["runAsUser", "=", 0]]
default: 568
- variable: UMASK
label: UMASK
description: When supported by the container, this sets the UMASK for the App. Not supported by all Apps
schema:
type: string
default: "0022"
- variable: advanced
label: Show Advanced Settings
description: Advanced settings are not covered by TrueCharts Support
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: privileged
label: "Privileged mode"
schema:
type: boolean
default: false
- variable: readOnlyRootFilesystem
label: "ReadOnly Root Filesystem"
schema:
type: boolean
default: true
- variable: pod
label: Pod
schema:
additional_attrs: true
type: dict
attrs:
- variable: fsGroupChangePolicy
label: "When should we take ownership?"
schema:
type: string
default: OnRootMismatch
enum:
- value: OnRootMismatch
description: OnRootMismatch
- value: Always
description: Always
- variable: supplementalGroups
label: Supplemental Groups
schema:
type: list
default: []
items:
- variable: supplementalGroupsEntry
label: Supplemental Group
schema:
type: int
# Settings from questions.yaml get appended here on a per-app basis
- variable: fsGroup
label: "fsGroup"
description: "The group that should own ALL storage."
schema:
type: int
default: 568
- variable: resources
group: Resources
label: "Resource Limits"
schema:
additional_attrs: true
type: dict
attrs:
- variable: limits
label: Advanced Limit Resource Consumption
schema:
additional_attrs: true
type: dict
attrs:
- variable: cpu
label: CPU
description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/SCALE/validation"
schema:
type: string
default: 4000m
valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- variable: memory
label: RAM
description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/SCALE/validation"
schema:
type: string
default: 8Gi
valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- variable: 'gpu.intel.com/i915'
label: Add Intel i915 GPUs
schema:
type: int
default: 0
- variable: 'nvidia.com/gpu'
label: Add NVIDIA GPUs (Experimental)
schema:
type: int
default: 0
- variable: 'amd.com/gpu'
label: Add AMD GPUs
schema:
type: int
default: 0
- variable: requests
label: "Minimum Resources Required (request)"
schema:
additional_attrs: true
type: dict
hidden: true
attrs:
- variable: cpu
label: CPU
description: "1000m means 1 hyperthread. Detailed info: https://truecharts.org/manual/SCALE/validation"
schema:
type: string
default: 10m
hidden: true
valid_chars: '^(?!^0(\.0|m|)$)([0-9]+)(\.[0-9]|m?)$'
- variable: memory
label: "RAM"
description: "1Gi means 1 Gibibyte RAM. Detailed info: https://truecharts.org/manual/SCALE/validation"
schema:
type: string
default: 50Mi
hidden: true
valid_chars: '^(?!^0(e[0-9]|[EPTGMK]i?|)$)([0-9]+)(|[EPTGMK]i?|e[0-9]+)$'
- variable: deviceList
label: Mount USB Devices
group: Devices
schema:
type: list
default: []
items:
- variable: deviceListEntry
label: Device
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable the Storage
schema:
type: boolean
default: true
- variable: type
label: (Advanced) Type of Storage
description: Sets the persistence type
schema:
type: string
default: device
hidden: true
- variable: readOnly
label: readOnly
schema:
type: boolean
default: false
- variable: hostPath
label: Host Device Path
description: Path to the device on the host system
schema:
type: path
- variable: mountPath
label: Container Device Path
description: Path inside the container the device is mounted
schema:
type: string
default: "/dev/ttyACM0"
- variable: metrics
group: Metrics
label: Prometheus Metrics
schema:
additional_attrs: true
type: dict
attrs:
- variable: main
label: Main Metrics
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
description: Enable Prometheus Metrics
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: prometheusRule
label: PrometheusRule
description: Enable and configure Prometheus Rules for the App.
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
description: Enable Prometheus Metrics
schema:
type: boolean
default: false
# TODO: Rule List section
# - variable: horizontalPodAutoscaler
# group: Experimental
# label: (Advanced) Horizontal Pod Autoscaler
# schema:
# type: list
# default: []
# items:
# - variable: hpaEntry
# label: HPA Entry
# schema:
# additional_attrs: true
# type: dict
# attrs:
# - variable: name
# label: Name
# schema:
# type: string
# required: true
# default: ""
# - variable: enabled
# label: Enabled
# schema:
# type: boolean
# default: false
# show_subquestions_if: true
# subquestions:
# - variable: target
# label: Target
# description: Deployment name, Defaults to Main Deployment
# schema:
# type: string
# default: ""
# - variable: minReplicas
# label: Minimum Replicas
# schema:
# type: int
# default: 1
# - variable: maxReplicas
# label: Maximum Replicas
# schema:
# type: int
# default: 5
# - variable: targetCPUUtilizationPercentage
# label: Target CPU Utilization Percentage
# schema:
# type: int
# default: 80
# - variable: targetMemoryUtilizationPercentage
# label: Target Memory Utilization Percentage
# schema:
# type: int
# default: 80
- variable: networkPolicy
group: Experimental
label: (Advanced) Network Policy
schema:
type: list
default: []
items:
- variable: netPolicyEntry
label: Network Policy Entry
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
default: ""
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: policyType
label: Policy Type
schema:
type: string
default: ""
enum:
- value: ""
description: Default
- value: ingress
description: Ingress
- value: egress
description: Egress
- value: ingress-egress
description: Ingress and Egress
- variable: egress
label: Egress
schema:
type: list
default: []
items:
- variable: egressEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: to
label: To
schema:
type: list
default: []
items:
- variable: toEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: ipBlock
label: IP Block
schema:
additional_attrs: true
type: dict
attrs:
- variable: cidr
label: CIDR
schema:
type: string
default: ""
- variable: except
label: Except
schema:
type: list
default: []
items:
- variable: exceptint
label: ""
schema:
type: string
- variable: namespaceSelector
label: Namespace Selector
schema:
additional_attrs: true
type: dict
attrs:
- variable: matchExpressions
label: Match Expressions
schema:
type: list
default: []
items:
- variable: expressionEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: key
label: Key
schema:
type: string
- variable: operator
label: Operator
schema:
type: string
default: TCP
enum:
- value: In
description: In
- value: NotIn
description: NotIn
- value: Exists
description: Exists
- value: DoesNotExist
description: DoesNotExist
- variable: values
label: Values
schema:
type: list
default: []
items:
- variable: value
label: ""
schema:
type: string
- variable: podSelector
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: matchExpressions
label: Match Expressions
schema:
type: list
default: []
items:
- variable: expressionEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: key
label: Key
schema:
type: string
- variable: operator
label: Operator
schema:
type: string
default: TCP
enum:
- value: In
description: In
- value: NotIn
description: NotIn
- value: Exists
description: Exists
- value: DoesNotExist
description: DoesNotExist
- variable: values
label: Values
schema:
type: list
default: []
items:
- variable: value
label: ""
schema:
type: string
- variable: ports
label: Ports
schema:
type: list
default: []
items:
- variable: portsEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: Port
schema:
type: int
- variable: endPort
label: End Port
schema:
type: int
- variable: protocol
label: Protocol
schema:
type: string
default: TCP
enum:
- value: TCP
description: TCP
- value: UDP
description: UDP
- value: SCTP
description: SCTP
- variable: ingress
label: Ingress
schema:
type: list
default: []
items:
- variable: ingressEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: from
label: From
schema:
type: list
default: []
items:
- variable: fromEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: ipBlock
label: IP Block
schema:
additional_attrs: true
type: dict
attrs:
- variable: cidr
label: CIDR
schema:
type: string
default: ""
- variable: except
label: Except
schema:
type: list
default: []
items:
- variable: exceptint
label: ""
schema:
type: string
- variable: namespaceSelector
label: Namespace Selector
schema:
additional_attrs: true
type: dict
attrs:
- variable: matchExpressions
label: Match Expressions
schema:
type: list
default: []
items:
- variable: expressionEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: key
label: Key
schema:
type: string
- variable: operator
label: Operator
schema:
type: string
default: TCP
enum:
- value: In
description: In
- value: NotIn
description: NotIn
- value: Exists
description: Exists
- value: DoesNotExist
description: DoesNotExist
- variable: values
label: Values
schema:
type: list
default: []
items:
- variable: value
label: ""
schema:
type: string
- variable: podSelector
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: matchExpressions
label: Match Expressions
schema:
type: list
default: []
items:
- variable: expressionEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: key
label: Key
schema:
type: string
- variable: operator
label: Operator
schema:
type: string
default: TCP
enum:
- value: In
description: In
- value: NotIn
description: NotIn
- value: Exists
description: Exists
- value: DoesNotExist
description: DoesNotExist
- variable: values
label: Values
schema:
type: list
default: []
items:
- variable: value
label: ""
schema:
type: string
- variable: ports
label: Ports
schema:
type: list
default: []
items:
- variable: portsEntry
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: Port
schema:
type: int
- variable: endPort
label: End Port
schema:
type: int
- variable: protocol
label: Protocol
schema:
type: string
default: TCP
enum:
- value: TCP
description: TCP
- value: UDP
description: UDP
- value: SCTP
description: SCTP
- variable: addons
group: Addons
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: codeserver
label: Codeserver
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: service
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: type
label: Service Type
description: "ClusterIP's are only internally available and Loadbalancer exposes the service using the system loadbalancer"
schema:
type: string
default: LoadBalancer
enum:
- value: NodePort
description: Deprecated CHANGE THIS
- value: ClusterIP
description: ClusterIP
- value: LoadBalancer
description: LoadBalancer
- variable: loadBalancerIP
label: LoadBalancer IP
description: "MetalLB Only: Selects the Loadbalancer IP to expose on. Required when using PortalButton with MetalLB"
schema:
show_if: [["type", "=", "LoadBalancer"]]
type: string
default: ""
- variable: ports
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: codeserver
label: ""
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: Port
schema:
type: int
default: 36107
- variable: ingress
label: "Ingress"
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enable Ingress
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: hosts
label: Hosts
schema:
type: list
default: []
items:
- variable: hostEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: host
label: HostName
schema:
type: string
default: ""
required: true
- variable: paths
label: Paths
schema:
type: list
default: [{path: "/", pathType: "Prefix"}]
items:
- variable: pathEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: path
label: Path
schema:
type: string
required: true
default: "/"
- variable: pathType
label: Path Type
schema:
type: string
required: true
default: Prefix
- variable: integrations
label: Integrations
description: Connect ingress with other charts
schema:
additional_attrs: true
type: dict
attrs:
- variable: traefik
label: Traefik
description: Connect ingress with Traefik
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: enabled
schema:
type: boolean
default: true
- variable: allowCors
label: 'Allow Cross Origin Requests (advanced)'
schema:
type: boolean
default: false
show_if: [["enabled", "=", true]]
- variable: entrypoints
label: Entrypoints
schema:
type: list
default: ["websecure"]
show_if: [["enabled", "=", true]]
items:
- variable: entrypoint
label: Entrypoint
schema:
type: string
- variable: middlewares
label: Middlewares
schema:
type: list
default: []
show_if: [["enabled", "=", true]]
items:
- variable: middleware
label: Middleware
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: name
schema:
type: string
default: ""
required: true
- variable: namespace
label: 'namespace (optional)'
schema:
type: string
default: ""
- variable: certManager
label: certManager
description: Connect ingress with certManager
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: enabled
schema:
type: boolean
default: false
- variable: certificateIssuer
label: certificateIssuer
description: defaults to chartname
schema:
type: string
default: ""
show_if: [["enabled", "=", true]]
- variable: advanced
label: Show Advanced Settings
description: Advanced settings are not covered by TrueCharts Support
schema:
type: boolean
default: false
- variable: ingressClassName
label: (Advanced/Optional) IngressClass Name
schema:
type: string
show_if: [["advanced", "=", true]]
default: ""
- variable: tls
label: TLS-Settings
schema:
type: list
show_if: [["advanced", "=", true]]
default: []
items:
- variable: tlsEntry
label: Host
schema:
additional_attrs: true
type: dict
attrs:
- variable: hosts
label: Certificate Hosts
schema:
type: list
default: []
items:
- variable: host
label: Host
schema:
type: string
default: ""
required: true
- variable: certificateIssuer
label: Use Cert-Manager clusterIssuer
description: 'add the name of your cert-manager clusterIssuer here for automatic tls certificates.'
schema:
type: string
default: ""
- variable: clusterCertificate
label: 'Cluster Certificate (Advanced)'
description: 'Add the name of your cluster-wide certificate, that you set up in the ClusterIssuer chart.'
schema:
type: string
show_if: [["certificateIssuer", "=", ""]]
default: ""
- variable: secretName
label: 'Use Custom Certificate Secret (Advanced)'
schema:
show_if: [["certificateIssuer", "=", ""]]
type: string
default: ""
- variable: scaleCert
label: 'Use TrueNAS SCALE Certificate (Deprecated)'
schema:
show_if: [["certificateIssuer", "=", ""]]
type: int
$ref:
- "definitions/certificate"
- variable: envList
label: Codeserver Environment Variables
schema:
type: list
show_if: [["type", "!=", "disabled"]]
default: []
items:
- variable: envItem
label: Environment Variable
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: value
label: Value
schema:
type: string
required: true
- variable: netshoot
label: Netshoot
schema:
additional_attrs: true
type: dict
attrs:
- variable: enabled
label: Enabled
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: envList
label: Netshoot Environment Variables
schema:
type: list
show_if: [["type", "!=", "disabled"]]
default: []
items:
- variable: envItem
label: Environment Variable
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: value
label: Value
schema:
type: string
required: true
- variable: vpn
label: VPN
schema:
additional_attrs: true
type: dict
attrs:
- variable: type
label: Type
schema:
type: string
default: disabled
enum:
- value: disabled
description: disabled
- value: gluetun
description: Gluetun
- value: tailscale
description: Tailscale
- value: openvpn
description: OpenVPN (Deprecated)
- value: wireguard
description: Wireguard (Deprecated)
- variable: openvpn
label: OpenVPN Settings
schema:
additional_attrs: true
type: dict
show_if: [["type", "=", "openvpn"]]
attrs:
- variable: username
label: Authentication Username (Optional)
description: Authentication Username, Optional
schema:
type: string
default: ""
- variable: password
label: Authentication Password
description: Authentication Credentials
schema:
type: string
show_if: [["username", "!=", ""]]
default: ""
required: true
- variable: tailscale
label: Tailscale Settings
schema:
additional_attrs: true
type: dict
show_if: [["type", "=", "tailscale"]]
attrs:
- variable: authkey
label: Authentication Key
description: Provide an auth key to automatically authenticate the node as your user account.
schema:
type: string
private: true
default: ""
- variable: auth_once
label: Auth Once
description: Only attempt to log in if not already logged in.
schema:
type: boolean
default: true
- variable: accept_dns
label: Accept DNS
description: Accept DNS configuration from the admin console.
schema:
type: boolean
default: false
- variable: userspace
label: Userspace
description: Userspace Networking mode allows running Tailscale where you do not have access to create a VPN tunnel device.
schema:
type: boolean
default: false
- variable: routes
label: Routes
description: Expose physical subnet routes to your entire Tailscale network.
schema:
type: string
default: ""
- variable: dest_ip
label: Destination IP
description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
schema:
type: string
default: ""
- variable: sock5_server
label: Sock5 Server
description: The address on which to listen for SOCKS5 proxying into the tailscale net.
schema:
type: string
default: ""
- variable: outbound_http_proxy_listen
label: Outbound HTTP Proxy Listen
description: The address on which to listen for HTTP proxying into the tailscale net.
schema:
type: string
default: ""
- variable: extra_args
label: Extra Args
description: Extra Args
schema:
type: string
default: ""
- variable: daemon_extra_args
label: Tailscale Daemon Extra Args
description: Tailscale Daemon Extra Args
schema:
type: string
default: ""
- variable: killSwitch
label: Enable Killswitch
schema:
type: boolean
show_if: [["type", "!=", "disabled"]]
default: true
- variable: excludedNetworks_IPv4
label: Killswitch Excluded IPv4 networks
description: List of Killswitch Excluded IPv4 Addresses
schema:
type: list
show_if: [["type", "!=", "disabled"]]
default: []
items:
- variable: networkv4
label: IPv4 Network
schema:
type: string
required: true
- variable: excludedNetworks_IPv6
label: Killswitch Excluded IPv6 networks
description: "List of Killswitch Excluded IPv6 Addresses"
schema:
type: list
show_if: [["type", "!=", "disabled"]]
default: []
items:
- variable: networkv6
label: IPv6 Network
schema:
type: string
required: true
- variable: configFile
label: VPN Config File Location
schema:
type: string
show_if: [["type", "!=", "disabled"]]
default: ""
- variable: envList
label: VPN Environment Variables
schema:
type: list
show_if: [["type", "!=", "disabled"]]
default: []
items:
- variable: envItem
label: Environment Variable
schema:
additional_attrs: true
type: dict
attrs:
- variable: name
label: Name
schema:
type: string
required: true
- variable: value
label: Value
schema:
type: string
required: true
max_length: 10240
- variable: docs
group: Documentation
label: Please read the documentation at https://truecharts.org
description: Please read the documentation at
<br /><a href="https://truecharts.org">https://truecharts.org</a>
schema:
additional_attrs: true
type: dict
attrs:
- variable: confirmDocs
label: I have checked the documentation
schema:
type: boolean
default: true
- variable: donateNag
group: Documentation
label: Please consider supporting TrueCharts, see https://truecharts.org/sponsor
description: Please consider supporting TrueCharts, see
<br /><a href="https://truecharts.org/sponsor">https://truecharts.org/sponsor</a>
schema:
additional_attrs: true
type: dict
attrs:
- variable: confirmDonate
label: I have considered donating
schema:
type: boolean
default: true
hidden: true
- variable: warning
group: Documentation
label: 'WARNING: If installed, be sure to move the TrueNAS GUI to another port (not 80 or 443).'
description: 'See: <br /><a href="https://truecharts.org/charts/premium/traefik/how-to">https://truecharts.org/charts/premium/traefik/how-to</a> for more info.'
schema:
additional_attrs: true
type: dict
attrs:
- variable: warningconfim
label: I am aware that I will brick my system, if I did not follow the instructions.
schema:
type: boolean
default: true
required: true