2021-04-13 15:02:41 +00:00
groups :
- name : "Container Image"
description : "Image to be used for container"
- name : "Workload Configuration"
description : "Configure workload deployment"
- name : "Configuration"
description : "additional container configuration"
- name : "Networking"
2021-05-22 15:59:46 +00:00
description : "Configure Network and Services for container"
2021-04-13 15:02:41 +00:00
- name : "Storage"
description : "Persist and share data that is separate from the lifecycle of the container"
2021-04-15 21:30:44 +00:00
- name : "Resources and Devices"
description : "Specify resources/devices to be allocated to workload"
2021-05-22 15:59:46 +00:00
- name : "Ingress Configuration"
description : "Ingress Configuration"
- name : "Security"
description : "Configure security context"
2021-04-13 15:02:41 +00:00
- name : "Advanced"
description : "Advanced Configuration"
- name : "WARNING"
description : "WARNING"
portals :
web_portal :
protocols :
- "$kubernetes-resource_configmap_portal_protocol"
host :
- "$kubernetes-resource_configmap_portal_host"
ports :
- "$kubernetes-resource_configmap_portal_port"
questions :
- variable : portal
group : "Container Image"
label : "Configure Portal Button"
schema :
type : dict
hidden : true
attrs :
- variable : enabled
label : "Enable"
description : "enable the portal button"
schema :
hidden : true
editable : false
type : boolean
default : true
# Update Policy
- variable : strategyType
group : "Container Image"
label : "Update Strategy"
schema :
type : string
default : "Recreate"
enum :
- value : "RollingUpdate"
description : "Create new pods and then kill old ones"
- value : "Recreate"
description : "Kill existing pods before creating new ones"
2021-05-22 15:59:46 +00:00
# Configure Bitwarden:
2021-04-13 15:02:41 +00:00
- variable : bitwardenrs
label : ""
group : "Configuration"
schema :
type : dict
attrs :
- variable : yubico
label : "Yubico OPT authentication"
schema :
type : dict
attrs :
- variable : enabled
label : "Enable Yubico OPT authentication"
description : "Please refer to the manual at: https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication"
schema :
type : boolean
default : false
show_subquestions_if : true
subquestions :
- variable : server
label : "Yubico server"
description : "Defaults to YubiCloud"
schema :
type : string
default : ""
- variable : clientId
label : "Yubico ID"
schema :
type : string
default : ""
- variable : secretKey
label : "Yubico Secret Key"
schema :
type : string
default : ""
- variable : admin
label : "Admin Portal"
schema :
type : dict
attrs :
- variable : enabled
label : "Enable Admin Portal"
schema :
type : boolean
default : false
show_subquestions_if : true
subquestions :
- variable : disableAdminToken
label : "Make Accessible Without Password/Token"
schema :
type : boolean
default : false
- variable : token
label : "Admin Portal Password/Token"
description : "Will be automatically generated if not defined"
schema :
type : string
default : ""
- variable : icons
label : "Icon Download Settings"
schema :
type : dict
attrs :
- variable : disableDownload
label : "Disable Icon Download"
description : "Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache)"
schema :
type : boolean
default : false
- variable : cache
label : "Cache time-to-live"
description : "Cache time-to-live for icons fetched. 0 means no purging"
schema :
type : int
default : 2592000
- variable : token
label : "Failed Downloads Cache time-to-live"
description : "Cache time-to-live for icons that were not available. 0 means no purging."
schema :
type : int
default : 2592000
- variable : log
label : "Logging"
schema :
type : dict
attrs :
- variable : level
label : "Log level"
schema :
type : string
default : "info"
required : true
enum :
- value : "trace"
description : "trace"
- value : "debug"
description : "debug"
- value : "info"
description : "info"
- value : "warn"
description : "warn"
- value : "error"
description : "error"
- value : "off"
description : "off"
- variable : file
label : "Log-File Location"
schema :
type : string
default : ""
- variable : smtp
label : "SMTP Settings (Email)"
schema :
type : dict
attrs :
- variable : enabled
label : "Enable SMTP Support"
schema :
type : boolean
default : false
show_subquestions_if : true
subquestions :
- variable : host
label : "SMTP hostname"
schema :
type : string
required : true
default : ""
- variable : from
label : "SMTP sender e-mail address"
schema :
type : string
required : true
default : ""
- variable : fromName
label : "SMTP sender name"
schema :
type : string
required : true
default : ""
- variable : user
label : "SMTP username"
schema :
type : string
required : true
default : ""
- variable : password
label : "SMTP password"
description : "Required is user is specified, ignored if no user provided"
schema :
type : string
default : ""
- variable : ssl
label : "Enable SSL connection"
schema :
type : boolean
default : true
- variable : port
label : "SMTP port"
description : "Usually: 25 without SSL, 587 with SSL"
schema :
type : int
default : 587
- variable : authMechanism
label : "SMTP Authentication Mechanisms"
description : "Comma-separated options: Plain, Login and Xoauth2"
schema :
type : string
default : "Plain"
- variable : heloName
label : "SMTP HELO - Hostname"
description : "Hostname to be sent for SMTP HELO. Defaults to pod name"
schema :
type : string
default : ""
- variable : port
label : "SMTP timeout"
schema :
type : int
default : 15
- variable : invalidHostname
label : "Accept Invalid Hostname"
description : "Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!"
schema :
type : boolean
default : false
- variable : invalidCertificate
label : "Accept Invalid Certificate"
description : "Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!"
schema :
type : boolean
default : false
- variable : allowSignups
label : "Allow Signup"
description : "Allow any user to sign-up: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users"
schema :
type : boolean
default : true
- variable : allowInvitation
label : "Always allow Invitation"
description : "Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations"
schema :
type : boolean
default : true
- variable : defaultInviteName
label : "Default Invite Organisation Name"
description : "Default organization name in invitation e-mails that are not coming from a specific organization."
schema :
type : string
default : ""
- variable : showPasswordHint
label : "Show password hints"
description : "https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display"
schema :
type : boolean
default : true
- variable : signupwhitelistenable
label : "Enable Signup Whitelist"
description : "allowSignups is ignored if set"
schema :
type : boolean
default : false
show_subquestions_if : true
subquestions :
- variable : signupDomains
label : "Signup Whitelist Domains"
schema :
type : list
default : [ ]
items :
- variable : domain
label : "Domain"
schema :
type : string
default : ""
- variable : verifySignup
label : "Verifiy Signup"
description : "Verify e-mail before login is enabled. SMTP must be enabled"
schema :
type : boolean
default : false
- variable : requireEmail
label : "Block Login if email fails"
description : "When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled"
schema :
type : boolean
default : false
- variable : emailAttempts
label : "Email token reset attempts"
description : "Maximum attempts before an email token is reset and a new email will need to be sent"
schema :
type : int
default : 3
- variable : emailTokenExpiration
label : "Email token validity in seconds"
schema :
type : int
default : 600
- variable : enableWebsockets
label : "Enable Websocket Connections"
description : "Enable Websockets for notification. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications"
schema :
type : boolean
default : true
hidden : true
- variable : enableWebVault
label : "Enable Webvault"
description : "Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting"
schema :
type : boolean
default : true
- variable : orgCreationUsers
label : "Limit Organisation Creation to (users)"
description : "Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users."
schema :
type : string
default : "all"
- variable : attachmentLimitOrg
label : "Limit Attachment Disk Usage per Organisation"
schema :
type : string
default : ""
- variable : attachmentLimitUser
label : "Limit Attachment Disk Usage per User"
schema :
type : string
default : ""
- variable : hibpApiKey
label : "HaveIBeenPwned API Key"
description : "Can be purchased at https://haveibeenpwned.com/API/Key"
schema :
type : string
default : ""
2021-05-22 15:59:46 +00:00
- variable : env
group : "Configuration"
label : "Image Environment"
schema :
type : dict
attrs :
2021-05-22 23:15:39 +00:00
- variable : timezone
label : "Timezone"
schema :
type : string
default : "Etc/UTC"
$ref :
- "definitions/timezone"
2021-05-22 15:59:46 +00:00
- variable : UMASK
label : "UMASK"
description : "Sets the UMASK env var for LinuxServer.io (compatible) containers"
schema :
type : string
default : "002"
2021-04-13 15:02:41 +00:00
# Configure Enviroment Variables
2021-05-22 15:59:46 +00:00
- variable : envList
2021-04-13 15:02:41 +00:00
label : "Image environment"
group : "Configuration"
schema :
type : list
default : [ ]
items :
2021-05-22 15:59:46 +00:00
- variable : envItem
2021-04-13 15:02:41 +00:00
label : "Environment Variable"
schema :
type : dict
attrs :
- variable : name
label : "Name"
schema :
type : string
- variable : value
label : "Value"
schema :
type : string
# Enable Host Networking
- variable : hostNetwork
group : "Networking"
label : "Enable Host Networking"
schema :
type : boolean
default : false
2021-04-14 09:25:46 +00:00
hidden : true
2021-05-22 15:59:46 +00:00
- variable : service
2021-04-13 15:02:41 +00:00
group : "Networking"
2021-05-22 15:59:46 +00:00
label : "Configure Service(s)"
2021-04-13 15:02:41 +00:00
schema :
type : dict
attrs :
- variable : main
2021-05-22 15:59:46 +00:00
label : "Main Service"
2021-04-13 15:02:41 +00:00
description : "The Primary service on which the healthcheck runs, often the webUI"
schema :
type : dict
attrs :
- variable : enabled
label : "Enable the service"
schema :
type : boolean
default : true
hidden : true
- variable : type
2021-05-22 15:59:46 +00:00
label : "Service Type"
description : "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer"
2021-04-13 15:02:41 +00:00
schema :
type : string
2021-05-22 15:59:46 +00:00
default : "NodePort"
2021-04-13 15:02:41 +00:00
enum :
2021-05-22 15:59:46 +00:00
- value : "NodePort"
description : "NodePort"
2021-04-13 15:02:41 +00:00
- value : "ClusterIP"
description : "ClusterIP"
2021-05-22 15:59:46 +00:00
- value : "LoadBalancer"
description : "LoadBalancer"
- variable : loadBalancerIP
label : "LoadBalancer IP"
description : "LoadBalancerIP"
2021-04-13 15:02:41 +00:00
schema :
2021-05-22 15:59:46 +00:00
show_if : [ [ "type" , "=" , "LoadBalancer" ] ]
type : string
default : ""
- variable : externalIPs
label : "External IP's"
description : "External IP's"
schema :
show_if : [ [ "type" , "=" , "LoadBalancer" ] ]
type : list
default : [ ]
items :
- variable : externalIP
label : "External IP"
2021-04-13 15:02:41 +00:00
schema :
type : string
2021-05-22 15:59:46 +00:00
- variable : ports
label : "Service's Port(s) Configuration"
schema :
type : dict
attrs :
- variable : main
label : "Main Service Port Configuration"
2021-04-13 15:02:41 +00:00
schema :
2021-05-22 15:59:46 +00:00
type : dict
attrs :
- variable : protocol
label : "Port Type"
schema :
type : string
default : "HTTP"
hidden : false
enum :
- value : HTTP
description : "HTTP"
- value : "HTTPS"
description : "HTTPS"
- value : TCP
description : "TCP"
- value : "UDP"
description : "UDP"
- variable : port
label : "Container Port"
schema :
type : int
default : 8080
editable : false
hidden : true
- variable : targetport
label : "Target Port"
description : "This port exposes the container port on the service"
schema :
type : int
default : 8080
editable : true
hidden : false
required : true
- variable : nodePort
label : "Node Port (Optional)"
description : "This port gets exposed to the node. Only considered when service type is NodePort"
schema :
type : int
min : 9000
max : 65535
default : 36000
required : true
2021-04-13 15:02:41 +00:00
- variable : ws
2021-05-22 15:59:46 +00:00
label : "WebSocket Service"
description : "WebSocket Service"
2021-04-13 15:02:41 +00:00
schema :
type : dict
attrs :
- variable : enabled
label : "Enable the service"
schema :
type : boolean
default : true
hidden : true
- variable : type
2021-05-22 15:59:46 +00:00
label : "Service Type"
description : "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer"
2021-04-13 15:02:41 +00:00
schema :
type : string
default : "ClusterIP"
enum :
2021-05-22 15:59:46 +00:00
- value : "NodePort"
description : "NodePort"
2021-04-13 15:02:41 +00:00
- value : "ClusterIP"
description : "ClusterIP"
2021-05-22 15:59:46 +00:00
- value : "LoadBalancer"
description : "LoadBalancer"
- variable : loadBalancerIP
label : "LoadBalancer IP"
description : "LoadBalancerIP"
2021-04-13 15:02:41 +00:00
schema :
2021-05-22 15:59:46 +00:00
show_if : [ [ "type" , "=" , "LoadBalancer" ] ]
type : string
default : ""
- variable : externalIPs
label : "External IP's"
description : "External IP's"
schema :
show_if : [ [ "type" , "=" , "LoadBalancer" ] ]
type : list
default : [ ]
items :
- variable : externalIP
label : "External IP"
2021-04-13 15:02:41 +00:00
schema :
type : string
2021-05-22 15:59:46 +00:00
- variable : ports
label : "Service's Port(s) Configuration"
schema :
type : dict
attrs :
- variable : ws
label : "WebSocket Service Port Configuration"
2021-04-13 15:02:41 +00:00
schema :
2021-05-22 15:59:46 +00:00
type : dict
attrs :
- variable : protocol
label : "Port Type"
schema :
type : string
default : "HTTP"
hidden : false
enum :
- value : HTTP
description : "HTTP"
- value : "HTTPS"
description : "HTTPS"
- value : TCP
description : "TCP"
- value : "UDP"
description : "UDP"
- variable : port
label : "Container Port"
schema :
type : int
default : 3012
editable : false
hidden : true
- variable : targetport
label : "Target Port"
description : "This port exposes the container port on the service"
schema :
type : int
default : 3012
editable : true
hidden : false
required : true
- variable : nodePort
label : "Node Port (Optional)"
description : "This port gets exposed to the node. Only considered when service type is NodePort"
schema :
type : int
min : 9000
max : 65535
default : 36001
required : true
## TrueCharts Specific
2021-04-13 15:02:41 +00:00
- variable : persistence
label : "Integrated Persistent Storage"
2021-05-22 15:59:46 +00:00
description : "Integrated Persistent Storage"
2021-04-13 15:02:41 +00:00
group : "Storage"
schema :
type : dict
attrs :
- variable : data
label : "App Config Storage"
description : "Stores the Application Configuration."
schema :
type : dict
attrs :
- variable : enabled
label : "Enable the storage"
schema :
type : boolean
default : true
hidden : true
- variable : storageClass
label : "Type of Storage"
description : " Warning: Anything other than Internal will break rollback!"
schema :
type : string
default : ""
enum :
- value : ""
description : "Internal"
- variable : mountPath
label : "mountPath"
description : "Path inside the container the storage is mounted"
schema :
type : string
default : "/data"
hidden : true
- variable : emptyDir
label : "Mount a ramdisk instead of actual storage"
schema :
type : boolean
default : false
hidden : true
- variable : accessMode
label : "Access Mode (Advanced)"
description : "Allow or disallow multiple PVC's writhing to the same PVC"
schema :
type : string
default : "ReadWriteOnce"
enum :
- value : "ReadWriteOnce"
description : "ReadWriteOnce"
- value : "ReadOnlyMany"
description : "ReadOnlyMany"
- value : "ReadWriteMany"
description : "ReadWriteMany"
- variable : size
label : "Size quotum of storage"
schema :
type : string
default : "100Gi"
- variable : db
label : "Database Storage"
description : "Stores the Application database."
schema :
type : dict
attrs :
- variable : enabled
label : "Enable the storage"
schema :
type : boolean
default : true
hidden : true
- variable : nameOverride
label : "Override PVC Name (advanced)"
description : "Forces a certain name for the PVC"
schema :
type : string
default : "db"
hidden : true
- variable : storageClass
label : "Type of Storage"
description : " Warning: Anything other than Internal will break rollback!"
schema :
type : string
default : ""
enum :
- value : ""
description : "Internal"
- variable : mountPath
label : "mountPath"
description : "Path inside the container the storage is mounted"
schema :
type : string
default : ""
hidden : true
- variable : emptyDir
label : "Mount a ramdisk instead of actual storage"
schema :
type : boolean
default : false
hidden : true
- variable : accessMode
label : "Access Mode (Advanced)"
description : "Allow or disallow multiple PVC's writhing to the same PVC"
schema :
type : string
default : "ReadWriteOnce"
enum :
- value : "ReadWriteOnce"
description : "ReadWriteOnce"
- value : "ReadOnlyMany"
description : "ReadOnlyMany"
- value : "ReadWriteMany"
description : "ReadWriteMany"
- variable : size
label : "Size quotum of storage"
schema :
type : string
default : "100Gi"
- variable : dbbackup
label : "Database Backup Storage"
description : "Stores the Application database backups."
schema :
type : dict
attrs :
- variable : enabled
label : "Enable the storage"
schema :
type : boolean
default : true
hidden : true
- variable : storageClass
label : "Type of Storage"
description : " Warning: Anything other than Internal will break rollback!"
schema :
type : string
default : ""
enum :
- value : ""
description : "Internal"
- variable : mountPath
label : "mountPath"
description : "Path inside the container the storage is mounted"
schema :
type : string
default : ""
hidden : true
- variable : emptyDir
label : "Mount a ramdisk instead of actual storage"
schema :
type : boolean
default : false
hidden : true
- variable : accessMode
label : "Access Mode (Advanced)"
description : "Allow or disallow multiple PVC's writhing to the same PVC"
schema :
type : string
default : "ReadWriteOnce"
enum :
- value : "ReadWriteOnce"
description : "ReadWriteOnce"
- value : "ReadOnlyMany"
description : "ReadOnlyMany"
- value : "ReadWriteMany"
description : "ReadWriteMany"
- variable : size
label : "Size quotum of storage"
schema :
type : string
default : "100Gi"
2021-05-19 13:12:45 +00:00
- variable : hostPathMounts
2021-04-13 15:02:41 +00:00
label : "Custom app storage"
group : "Storage"
schema :
type : list
default : [ ]
items :
- variable : volumeMount
label : "Custom Storage"
schema :
type : dict
attrs :
- variable : enabled
label : "Enabled"
schema :
type : boolean
default : true
required : true
hidden : true
editable : false
- variable : setPermissions
label : "Automatic Permissions"
description : "Automatically set permissions on install"
schema :
type : boolean
default : true
hidden : false
2021-04-15 20:19:56 +00:00
- variable : readOnly
label : "Mount as ReadOnly"
description : "prevent any write from being done to the mounted volume"
schema :
type : boolean
default : false
hidden : false
2021-04-13 15:02:41 +00:00
- variable : emptyDir
label : "emptyDir"
schema :
type : boolean
default : false
hidden : true
editable : false
- variable : mountPath
label : "Mount Path"
description : "Path to mount inside the pod"
schema :
type : path
required : true
default : ""
editable : true
- variable : hostPath
label : "Host Path"
schema :
type : hostpath
required : true
2021-04-14 20:24:09 +00:00
# Enable privileged
- variable : securityContext
2021-05-22 15:59:46 +00:00
group : "Security"
2021-04-14 20:24:09 +00:00
label : "Security Context"
schema :
type : dict
attrs :
- variable : privileged
label : "Enable privileged mode for Common-Chart based charts"
schema :
type : boolean
default : false
# Set Pod Security Policy
- variable : podSecurityContext
2021-05-22 15:59:46 +00:00
group : "Security"
2021-04-14 20:24:09 +00:00
label : "Pod Security Context"
schema :
type : dict
attrs :
- variable : runAsNonRoot
label : "runAsNonRoot"
schema :
type : boolean
default : true
- variable : runAsUser
label : "runAsUser"
description : "The UserID of the user running the application"
schema :
type : int
default : 568
- variable : runAsGroup
label : "runAsGroup"
description : The groupID this App of the user running the application"
schema :
type : int
default : 568
- variable : supplementalGroups
label : "supplementalGroups"
description : "Additional groups this App needs access to"
schema :
type : list
default : [ ]
items :
- variable : Group
label : "Group"
schema :
type : int
default : 568
- variable : fsGroup
label : "fsGroup"
description : "The group that should own ALL storage."
schema :
type : int
default : 568
- variable : fsGroupChangePolicy
label : "When should we take ownership?"
schema :
type : string
default : "OnRootMismatch"
enum :
- value : "OnRootMismatch"
description : "OnRootMismatch"
- value : "Always"
description : "Always"