2021-08-28 11:37:53 +00:00
groups :
- name : "Container Image"
description : "Image to be used for container"
- name : "Controller"
description : "Configure workload deployment"
- name : "Container Configuration"
description : "additional container configuration"
- name : "App Configuration"
description : "App specific config options"
- name : "Networking and Services"
description : "Configure Network and Services for container"
- name : "Storage and Persistence"
description : "Persist and share data that is separate from the container"
- name : "Ingress"
description : "Ingress Configuration"
- name : "Security and Permissions"
description : "Configure security context and permissions"
2021-09-01 16:53:41 +00:00
- name : "Resources and Devices"
2021-08-28 11:37:53 +00:00
description : "Specify resources/devices to be allocated to workload"
- name : "Advanced"
description : "Advanced Configuration"
portals :
web_portal :
protocols :
- "$kubernetes-resource_configmap_portal_protocol"
host :
- "$kubernetes-resource_configmap_portal_host"
ports :
- "$kubernetes-resource_configmap_portal_port"
questions :
- variable : portal
group : "Container Image"
label : "Configure Portal Button"
schema :
type : dict
hidden : true
attrs :
- variable : enabled
label : "Enable"
description : "enable the portal button"
schema :
hidden : true
editable : false
type : boolean
default : true
- variable : controller
group : "Controller"
label : ""
schema :
type : dict
attrs :
- variable : type
description : "Please specify type of workload to deploy"
label : "(Advanced) Controller Type"
schema :
type : string
default : "deployment"
required : true
enum :
- value : "deployment"
description : "Deployment"
- value : "statefulset"
description : "Statefulset"
- value : "daemonset"
description : "Daemonset"
- variable : replicas
description : "Number of desired pod replicas"
label : "Desired Replicas"
schema :
type : int
default : 1
required : true
- variable : strategy
description : "Please specify type of workload to deploy"
label : "(Advanced) Update Strategy"
schema :
type : string
default : "Recreate"
required : true
enum :
- value : "Recreate"
description : "Recreate: Kill existing pods before creating new ones"
- value : "RollingUpdate"
description : "RollingUpdate: Create new pods and then kill old ones"
- value : "OnDelete"
description : "(Legacy) OnDelete: ignore .spec.template changes"
2021-08-30 13:58:30 +00:00
- variable : labelsList
label : "Controller Labels"
schema :
type : list
default : [ ]
items :
- variable : labelItem
label : "Label"
schema :
type : dict
attrs :
- variable : name
label : "Name"
schema :
type : string
- variable : value
label : "Value"
schema :
type : string
- variable : annotationsList
label : " Controller Annotations"
schema :
type : list
default : [ ]
items :
- variable : annotationItem
label : "Label"
schema :
type : dict
attrs :
- variable : name
label : "Name"
schema :
type : string
- variable : value
label : "Value"
schema :
type : string
- variable : podLabelsList
group : "Container Configuration"
label : "Pod Labels"
schema :
type : list
default : [ ]
items :
- variable : podLabelItem
label : "Label"
schema :
type : dict
attrs :
- variable : name
label : "Name"
schema :
type : string
- variable : value
label : "Value"
schema :
type : string
- variable : podAnnotationsList
group : "Container Configuration"
label : "Pod Annotations"
schema :
type : list
default : [ ]
items :
- variable : podAnnotationItem
label : "Label"
schema :
type : dict
attrs :
- variable : name
label : "Name"
schema :
type : string
- variable : value
label : "Value"
schema :
type : string
- variable : termination
group : "Container Configuration"
label : "Termination settings"
schema :
type : dict
attrs :
- variable : gracePeriodSeconds
label : "Grace Period Seconds"
schema :
type : int
default : 10
2021-08-28 11:37:53 +00:00
- variable : env
group : "Container Configuration"
label : "Image Environment"
schema :
type : dict
attrs :
- variable : TZ
label : "Timezone"
schema :
type : string
default : "Etc/UTC"
$ref :
- "definitions/timezone"
- variable : UMASK
label : "UMASK"
description : "Sets the UMASK env var for LinuxServer.io (compatible) containers"
schema :
type : string
default : "002"
# Configure Enviroment Variables
- variable : envList
label : "Image environment"
group : "Container Configuration"
schema :
type : list
default : [ ]
items :
- variable : envItem
label : "Environment Variable"
schema :
type : dict
attrs :
- variable : name
2021-09-02 10:52:34 +00:00
label : "Name"
2021-08-28 11:37:53 +00:00
schema :
type : string
- variable : value
label : "Value"
schema :
type : string
- variable : domain
group : "App Configuration"
label : "Domain"
description : "The highest domain level possible, for example: domain.com when using app.domain.com"
schema :
type : string
default : ""
required : true
- variable : default_redirection_url
group : "App Configuration"
label : "Default Redirection Url"
description : "If user tries to authenticate without any referer, this is used"
schema :
type : string
default : ""
required : false
- variable : theme
group : "App Configuration"
label : "Theme"
schema :
type : string
default : "light"
enum :
- value : "light"
description : "info"
- value : "gray"
description : "gray"
- value : "dark"
description : "dark"
- variable : log
group : "App Configuration"
label : "Log Configuration "
schema :
type : dict
attrs :
- variable : level
label : "Log Level"
schema :
type : string
default : "info"
enum :
- value : "info"
description : "info"
- value : "debug"
description : "debug"
- value : "trace"
description : "trace"
- variable : format
label : "Log Format"
schema :
type : string
default : "text"
enum :
- value : "json"
description : "json"
- value : "text"
description : "text"
- variable : totp
group : "App Configuration"
label : "TOTP Configuration"
schema :
type : dict
attrs :
- variable : issuer
label : "Issuer"
description : "The issuer name displayed in the Authenticator application of your choice"
schema :
type : string
default : ""
- variable : period
label : "Period"
description : "The period in seconds a one-time password is current for"
schema :
type : int
default : 30
- variable : skew
label : "skew"
description : "Controls number of one-time passwords either side of the current one that are valid."
schema :
type : int
default : 1
- variable : duo_api
group : "App Configuration"
label : "DUO API Configuration"
description : "Parameters used to contact the Duo API."
schema :
type : dict
attrs :
- variable : enabled
label : "Enable"
schema :
type : boolean
default : false
show_subquestions_if : true
subquestions :
- variable : hostname
label : "Hostname"
schema :
type : string
required : true
default : ""
- variable : integration_key
label : "integration_key"
schema :
type : string
2021-08-31 19:18:06 +00:00
default : ""
2021-08-28 11:37:53 +00:00
required : true
- variable : plain_api_key
label : "plain_api_key"
schema :
type : string
2021-08-31 19:18:06 +00:00
default : ""
2021-08-28 11:37:53 +00:00
required : true
- variable : session
group : "App Configuration"
label : "Session Provider"
description : "The session cookies identify the user once logged in."
schema :
type : dict
attrs :
- variable : name
label : "Cookie Name"
description : "The name of the session cookie."
schema :
type : string
required : true
default : "authelia_session"
- variable : same_site
label : "SameSite Value"
description : "Sets the Cookie SameSite value"
schema :
type : string
default : "lax"
enum :
- value : "lax"
description : "lax"
- value : "strict"
description : "strict"
- variable : expiration
label : "Expiration Time"
description : "The time in seconds before the cookie expires and session is reset."
schema :
type : string
2021-08-31 19:18:06 +00:00
default : "1h"
2021-08-28 11:37:53 +00:00
required : true
- variable : inactivity
label : "Inactivity Time"
description : "The inactivity time in seconds before the session is reset."
schema :
type : string
2021-08-31 19:18:06 +00:00
default : "5m"
2021-08-28 11:37:53 +00:00
required : true
- variable : inactivity
label : "Remember-Me duration"
description : "The remember me duration"
schema :
type : string
2021-08-31 19:18:06 +00:00
default : "5M"
2021-08-28 11:37:53 +00:00
required : true
- variable : regulation
group : "App Configuration"
label : "Regulation Configuration"
description : "his mechanism prevents attackers from brute forcing the first factor."
schema :
type : dict
attrs :
- variable : max_retries
label : "Maximum Retries"
description : "The number of failed login attempts before user is banned. Set it to 0 to disable regulation."
schema :
type : int
default : 3
- variable : find_time
label : "Find Time"
description : "The time range during which the user can attempt login before being banned."
schema :
type : string
2021-08-31 19:18:06 +00:00
default : "2m"
2021-08-28 11:37:53 +00:00
required : true
- variable : ban_time
label : "Ban Duration"
description : "The length of time before a banned user can login again"
schema :
type : string
2021-08-31 19:18:06 +00:00
default : "5m"
2021-08-28 11:37:53 +00:00
required : true
- variable : authentication_backend
group : "App Configuration"
label : "Authentication Backend Provider"
description : "sed for verifying user passwords and retrieve information such as email address and groups users belong to."
schema :
type : dict
attrs :
- variable : disable_reset_password
label : "Disable Reset Password"
description : "Disable both the HTML element and the API for reset password functionality"
schema :
type : boolean
default : false
- variable : refresh_interval
label : "Reset Interval"
description : "The amount of time to wait before we refresh data from the authentication backend"
schema :
type : string
2021-08-31 19:18:06 +00:00
default : "5m"
2021-08-28 11:37:53 +00:00
required : true
- variable : ldap
label : "LDAP backend configuration"
description : "Used for verifying user passwords and retrieve information such as email address and groups users belong to"
schema :
type : dict
attrs :
- variable : enabled
label : "Enable"
schema :
type : boolean
default : false
show_subquestions_if : true
subquestions :
- variable : implementation
label : "Implementation"
description : "The LDAP implementation, this affects elements like the attribute utilised for resetting a password"
schema :
type : string
default : "custom"
enum :
- value : "activedirectory"
description : "activedirectory"
- value : "custom"
description : "custom"
- variable : url
label : "URL"
description : "The url to the ldap server. Format: <scheme>://<address>[:<port>]"
schema :
type : string
default : "ldap://openldap.default.svc.cluster.local"
required : true
- variable : timeout
label : "Connection Timeout"
schema :
type : string
default : "5s"
required : true
- variable : start_tls
label : "Start TLS"
description : "Use StartTLS with the LDAP connection"
schema :
type : boolean
default : false
- variable : tls
label : "TLS Settings"
schema :
type : dict
attrs :
- variable : server_name
label : "Server Name"
description : "Server Name for certificate validation (in case it's not set correctly in the URL)."
schema :
type : string
default : ""
- variable : skip_verify
label : "Skip Certificate Verification"
description : "Skip verifying the server certificate (to allow a self-signed certificate)"
schema :
type : boolean
default : false
- variable : minimum_version
label : "Minimum TLS version"
description : "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
schema :
type : string
default : "TLS1.2"
enum :
- value : "TLS1.0"
description : "TLS1.0"
- value : "TLS1.1"
description : "TLS1.1"
- value : "TLS1.2"
description : "TLS1.2"
- value : "TLS1.3"
description : "TLS1.3"
- variable : base_dn
label : "Base DN"
description : "The base dn for every LDAP query."
schema :
type : string
2021-08-31 19:18:06 +00:00
default : "DC=example,DC=com"
2021-08-28 11:37:53 +00:00
required : true
- variable : username_attribute
label : "Username Attribute"
description : "The attribute holding the username of the user"
schema :
type : string
2021-08-31 19:18:06 +00:00
default : ""
2021-08-28 11:37:53 +00:00
required : true
- variable : additional_users_dn
label : "Additional Users DN"
description : "An additional dn to define the scope to all users."
schema :
type : string
2021-08-31 19:18:06 +00:00
default : "OU=Users"
2021-08-28 11:37:53 +00:00
required : true
- variable : users_filter
label : "Users Filter"
description : "The groups filter used in search queries to find the groups of the user."
schema :
type : string
2021-08-31 19:18:06 +00:00
default : ""
2021-08-28 11:37:53 +00:00
required : true
- variable : additional_groups_dn
label : "Additional Groups DN"
description : "An additional dn to define the scope of groups."
schema :
type : string
2021-08-31 19:18:06 +00:00
default : "OU=Groups"
2021-08-28 11:37:53 +00:00
required : true
- variable : groups_filter
label : "Groups Filter"
description : "The groups filter used in search queries to find the groups of the user."
schema :
type : string
2021-08-31 19:18:06 +00:00
default : ""
2021-08-28 11:37:53 +00:00
required : true
- variable : group_name_attribute
label : "Group name Attribute"
description : "The attribute holding the name of the group"
schema :
type : string
2021-08-31 19:18:06 +00:00
default : ""
2021-08-28 11:37:53 +00:00
required : true
- variable : mail_attribute
label : "Mail Attribute"
description : "The attribute holding the primary mail address of the user"
schema :
type : string
2021-08-31 19:18:06 +00:00
default : ""
2021-08-28 11:37:53 +00:00
required : true
- variable : display_name_attribute
label : "Display Name Attribute"
description : "he attribute holding the display name of the user. This will be used to greet an authenticated user."
schema :
type : string
2021-08-31 19:18:06 +00:00
default : ""
2021-08-28 11:37:53 +00:00
- variable : user
label : "Admin User"
description : "The username of the admin user used to connect to LDAP."
schema :
type : string
2021-08-31 19:18:06 +00:00
default : "CN=Authelia,DC=example,DC=com"
2021-08-28 11:37:53 +00:00
required : true
- variable : plain_password
label : "Password"
schema :
type : string
2021-08-31 19:18:06 +00:00
default : ""
2021-08-28 11:37:53 +00:00
required : true
- variable : file
label : "File backend configuration"
description : "With this backend, the users database is stored in a file which is updated when users reset their passwords."
schema :
type : dict
attrs :
- variable : enabled
label : "Enable"
schema :
type : boolean
default : false
show_subquestions_if : true
subquestions :
- variable : path
label : "Path"
schema :
type : string
2021-08-31 19:18:06 +00:00
default : "/config/users_database.yml"
2021-08-28 11:37:53 +00:00
required : true
- variable : password
label : "Password Settings"
schema :
type : dict
attrs :
- variable : algorithm
label : "Algorithm"
schema :
type : string
default : "argon2id"
enum :
- value : "argon2id"
description : "argon2id"
- value : "sha512"
description : "sha512"
- variable : iterations
label : "Iterations"
schema :
type : int
default : 1
required : true
- variable : key_length
label : "Key Length"
schema :
type : int
default : 32
required : true
- variable : salt_length
label : "Salt Length"
schema :
type : int
default : 16
required : true
- variable : memory
label : "Memory"
schema :
type : int
default : 1024
required : true
- variable : parallelism
label : "Parallelism"
schema :
type : int
default : 8
required : true
- variable : notifier
group : "App Configuration"
label : "Notifier Configuration"
description : "otifications are sent to users when they require a password reset, a u2f registration or a TOTP registration."
schema :
type : dict
attrs :
- variable : disable_startup_check
label : "Disable Startup Check"
schema :
type : boolean
default : false
- variable : filesystem
label : "Filesystem Provider"
schema :
type : dict
attrs :
- variable : enabled
label : "Enable"
schema :
type : boolean
default : false
show_subquestions_if : true
subquestions :
- variable : filename
label : "File Path"
schema :
type : string
2021-08-31 19:18:06 +00:00
default : "/config/notification.txt"
2021-08-28 11:37:53 +00:00
required : true
- variable : smtp
label : "SMTP Provider"
description : "Use a SMTP server for sending notifications. Authelia uses the PLAIN or LOGIN methods to authenticate."
schema :
type : dict
attrs :
- variable : enabled
label : "Enable"
schema :
type : boolean
default : true
show_subquestions_if : true
subquestions :
- variable : host
label : "Host"
schema :
type : string
2021-08-31 19:18:06 +00:00
default : "smtp.mail.svc.cluster.local"
2021-08-28 11:37:53 +00:00
required : true
- variable : port
label : "Port"
schema :
type : int
2021-08-31 19:18:06 +00:00
default : 25
2021-08-28 11:37:53 +00:00
required : true
- variable : timeout
label : "Timeout"
schema :
type : string
2021-08-31 19:18:06 +00:00
default : "5s"
2021-08-28 11:37:53 +00:00
required : true
- variable : username
label : "Username"
schema :
type : string
2021-08-31 19:18:06 +00:00
default : ""
2021-08-28 11:37:53 +00:00
required : true
- variable : plain_password
label : "Password"
schema :
type : string
2021-08-31 19:18:06 +00:00
default : ""
2021-08-28 11:37:53 +00:00
required : true
- variable : sender
label : "Sender"
schema :
type : string
2021-08-31 19:18:06 +00:00
default : ""
2021-08-28 11:37:53 +00:00
required : true
- variable : identifier
label : "Identifier"
description : "HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost."
schema :
type : string
2021-08-31 19:18:06 +00:00
default : "localhost"
2021-08-28 11:37:53 +00:00
required : true
- variable : subject
label : "Subject"
description : "Subject configuration of the emails sent, {title} is replaced by the text from the notifier"
schema :
type : string
2021-08-31 19:18:06 +00:00
default : "[Authelia] {title}"
2021-08-28 11:37:53 +00:00
required : true
- variable : startup_check_address
label : "Startup Check Address"
description : "This address is used during the startup check to verify the email configuration is correct."
schema :
type : string
2021-08-31 19:18:06 +00:00
default : "test@authelia.com"
2021-08-28 11:37:53 +00:00
required : true
- variable : disable_require_tls
label : "Disable Require TLS"
schema :
type : boolean
default : false
- variable : disable_html_emails
label : "Disable HTML emails"
schema :
type : boolean
default : false
- variable : tls
label : "TLS Settings"
schema :
type : dict
attrs :
- variable : server_name
label : "Server Name"
description : "Server Name for certificate validation (in case it's not set correctly in the URL)."
schema :
type : string
default : ""
- variable : skip_verify
label : "Skip Certificate Verification"
description : "Skip verifying the server certificate (to allow a self-signed certificate)"
schema :
type : boolean
default : false
- variable : minimum_version
label : "Minimum TLS version"
description : "Minimum TLS version for either Secure LDAP or LDAP StartTLS."
schema :
type : string
default : "TLS1.2"
enum :
- value : "TLS1.0"
description : "TLS1.0"
- value : "TLS1.1"
description : "TLS1.1"
- value : "TLS1.2"
description : "TLS1.2"
- value : "TLS1.3"
description : "TLS1.3"
- variable : access_control
group : "App Configuration"
label : "Access Control Configuration"
description : "Access control is a list of rules defining the authorizations applied for one resource to users or group of users."
schema :
type : dict
attrs :
- variable : default_policy
label : "Default Policy"
description : "Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'."
schema :
type : string
default : "two_factor"
enum :
- value : "bypass"
description : "bypass"
- value : "one_factor"
description : "one_factor"
- value : "two_factor"
description : "two_factor"
- value : "deny"
description : "deny"
- variable : networks
label : "Networks"
schema :
type : list
default : [ ]
items :
- variable : networkItem
label : "Network Item"
schema :
type : dict
attrs :
- variable : name
label : "Name"
schema :
type : string
default : ""
required : true
- variable : networks
label : "Networks"
schema :
type : list
default : [ ]
items :
- variable : network
label : "network"
schema :
type : string
default : ""
required : true
- variable : rules
label : "Rules"
schema :
type : list
default : [ ]
items :
- variable : rulesItem
label : "Rule"
schema :
type : dict
attrs :
- variable : domain
2021-09-01 16:38:03 +00:00
label : "Domains"
2021-08-28 11:37:53 +00:00
description : "defines which domain or set of domains the rule applies to."
schema :
2021-09-01 16:38:03 +00:00
type : list
default : [ ]
items :
- variable : domainEntry
label : "Domain"
schema :
type : string
default : ""
required : true
2021-08-28 11:37:53 +00:00
- variable : policy
label : "Policy"
description : "The policy to apply to resources. It must be either 'bypass', 'one_factor', 'two_factor' or 'deny'."
schema :
type : string
default : "two_factor"
enum :
- value : "bypass"
description : "bypass"
- value : "one_factor"
description : "one_factor"
- value : "two_factor"
description : "two_factor"
- value : "deny"
2021-09-01 17:24:48 +00:00
description : "deny"
2021-08-28 11:37:53 +00:00
- variable : subject
label : "Subject"
description : "defines the subject to apply authorizations to. This parameter is optional and matching any user if not provided"
schema :
type : list
default : [ ]
items :
- variable : subjectitem
label : "Subject"
schema :
type : string
default : ""
required : true
- variable : networks
label : "Networks"
schema :
type : list
default : [ ]
items :
- variable : network
label : "Network"
schema :
type : string
default : ""
required : true
- variable : resources
label : "Resources"
description : "is a list of regular expressions that matches a set of resources to apply the policy to"
schema :
type : list
default : [ ]
items :
- variable : resource
label : "Resource"
schema :
type : string
default : ""
required : true
- variable : hostNetwork
group : "Networking and Services"
label : "Enable Host Networking"
schema :
type : boolean
default : false
- variable : service
group : "Networking and Services"
label : "Configure Service(s)"
schema :
type : dict
attrs :
- variable : main
label : "Main Service"
description : "The Primary service on which the healthcheck runs, often the webUI"
schema :
type : dict
attrs :
- variable : enabled
label : "Enable the service"
schema :
type : boolean
default : true
hidden : true
- variable : type
label : "Service Type"
description : "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer"
schema :
type : string
default : "NodePort"
enum :
- value : "NodePort"
description : "NodePort"
- value : "ClusterIP"
description : "ClusterIP"
- value : "LoadBalancer"
description : "LoadBalancer"
- variable : loadBalancerIP
label : "LoadBalancer IP"
description : "LoadBalancerIP"
schema :
show_if : [ [ "type" , "=" , "LoadBalancer" ] ]
type : string
default : ""
- variable : externalIPs
label : "External IP's"
description : "External IP's"
schema :
show_if : [ [ "type" , "=" , "LoadBalancer" ] ]
type : list
default : [ ]
items :
- variable : externalIP
label : "External IP"
schema :
type : string
- variable : ports
label : "Service's Port(s) Configuration"
schema :
type : dict
attrs :
- variable : main
label : "Main Service Port Configuration"
schema :
type : dict
attrs :
- variable : enabled
label : "Enable the port"
schema :
type : boolean
default : true
hidden : true
- variable : protocol
label : "Port Type"
schema :
type : string
default : "HTTP"
enum :
- value : HTTP
description : "HTTP"
- value : "HTTPS"
description : "HTTPS"
- value : TCP
description : "TCP"
- value : "UDP"
description : "UDP"
2021-08-30 20:55:51 +00:00
- variable : targetPort
label : "Target Port"
description : "This port exposes the container port on the service"
2021-08-28 11:37:53 +00:00
schema :
type : int
default : 9091
editable : false
hidden : true
2021-08-30 20:55:51 +00:00
- variable : port
label : "Container Port"
2021-08-28 11:37:53 +00:00
schema :
type : int
default : 9091
editable : true
required : true
- variable : nodePort
label : "Node Port (Optional)"
description : "This port gets exposed to the node. Only considered when service type is NodePort"
schema :
type : int
min : 9000
max : 65535
2021-08-28 19:59:30 +00:00
default : 36095
2021-08-28 11:37:53 +00:00
required : true
- variable : persistence
label : "Integrated Persistent Storage"
description : "Integrated Persistent Storage"
group : "Storage and Persistence"
schema :
type : dict
attrs :
- variable : config
label : "App Config Storage"
description : "Stores the Application Configuration."
schema :
type : dict
attrs :
- variable : enabled
label : "Enable the storage"
schema :
type : boolean
default : true
- variable : type
label : "(Advanced) Type of Storage"
description : "Sets the persistence type"
schema :
type : string
default : "pvc"
enum :
- value : "pvc"
description : "pvc"
- value : "emptyDir"
description : "emptyDir"
- value : "hostPath"
description : "hostPath"
- variable : storageClass
label : "(Advanced) storageClass"
description : " Warning: Anything other than SCALE-ZFS will break rollback!"
schema :
show_if : [ [ "type" , "=" , "pvc" ] ]
type : string
default : "SCALE-ZFS"
- variable : setPermissions
label : "Automatic Permissions"
description : "Automatically set permissions on install"
schema :
show_if : [ [ "type" , "=" , "hostPath" ] ]
type : boolean
default : true
- variable : readOnly
label : "readOnly"
schema :
type : boolean
default : false
- variable : hostPath
label : "hostPath"
description : "Path inside the container the storage is mounted"
schema :
show_if : [ [ "type" , "=" , "hostPath" ] ]
type : hostpath
- variable : hostPathType
label : "hostPath Type"
schema :
show_if : [ [ "type" , "=" , "hostPath" ] ]
type : string
default : ""
enum :
- value : ""
description : "Default"
- value : "DirectoryOrCreate"
description : "DirectoryOrCreate"
- value : "Directory"
description : "Directory"
- value : "FileOrCreate"
description : "FileOrCreate"
- value : "File"
description : "File"
- value : "Socket"
description : "Socket"
- value : "CharDevice"
description : "CharDevice"
- value : "BlockDevice"
description : "BlockDevice"
- variable : mountPath
label : "mountPath"
description : "Path inside the container the storage is mounted"
schema :
type : string
default : "/config"
hidden : true
- variable : medium
label : "EmptyDir Medium"
schema :
show_if : [ [ "type" , "=" , "emptyDir" ] ]
type : string
default : ""
enum :
- value : ""
description : "Default"
- value : "Memory"
description : "Memory"
- variable : accessMode
label : "Access Mode (Advanced)"
description : "Allow or disallow multiple PVC's writhing to the same PV"
schema :
show_if : [ [ "type" , "=" , "pvc" ] ]
type : string
default : "ReadWriteOnce"
enum :
- value : "ReadWriteOnce"
description : "ReadWriteOnce"
- value : "ReadOnlyMany"
description : "ReadOnlyMany"
- value : "ReadWriteMany"
description : "ReadWriteMany"
- variable : size
label : "Size quotum of storage"
schema :
show_if : [ [ "type" , "=" , "pvc" ] ]
type : string
default : "100Gi"
- variable : persistenceList
label : "Additional app storage"
group : "Storage and Persistence"
schema :
type : list
default : [ ]
items :
- variable : persistenceListEntry
label : "Custom Storage"
schema :
type : dict
attrs :
- variable : enabled
label : "Enable the storage"
schema :
type : boolean
default : true
- variable : type
label : "(Advanced) Type of Storage"
description : "Sets the persistence type"
schema :
type : string
default : "hostPath"
enum :
- value : "pvc"
description : "pvc"
- value : "emptyDir"
description : "emptyDir"
- value : "hostPath"
description : "hostPath"
- variable : storageClass
label : "(Advanced) storageClass"
description : " Warning: Anything other than SCALE-ZFS will break rollback!"
schema :
show_if : [ [ "type" , "=" , "pvc" ] ]
type : string
default : "SCALE-ZFS"
- variable : setPermissions
label : "Automatic Permissions"
description : "Automatically set permissions on install"
schema :
show_if : [ [ "type" , "=" , "hostPath" ] ]
type : boolean
default : true
- variable : readOnly
label : "readOnly"
schema :
type : boolean
default : false
- variable : hostPath
label : "hostPath"
description : "Path inside the container the storage is mounted"
schema :
show_if : [ [ "type" , "=" , "hostPath" ] ]
type : hostpath
- variable : hostPathType
label : "hostPath Type"
schema :
show_if : [ [ "type" , "=" , "hostPath" ] ]
type : string
default : ""
enum :
- value : ""
description : "Default"
- value : "DirectoryOrCreate"
description : "DirectoryOrCreate"
- value : "Directory"
description : "Directory"
- value : "FileOrCreate"
description : "FileOrCreate"
- value : "File"
description : "File"
- value : "Socket"
description : "Socket"
- value : "CharDevice"
description : "CharDevice"
- value : "BlockDevice"
description : "BlockDevice"
- variable : mountPath
label : "mountPath"
description : "Path inside the container the storage is mounted"
schema :
type : string
required : true
default : ""
- variable : medium
label : "EmptyDir Medium"
schema :
show_if : [ [ "type" , "=" , "emptyDir" ] ]
type : string
default : ""
enum :
- value : ""
description : "Default"
- value : "Memory"
description : "Memory"
- variable : accessMode
label : "Access Mode (Advanced)"
description : "Allow or disallow multiple PVC's writhing to the same PVC"
schema :
show_if : [ [ "type" , "=" , "pvc" ] ]
type : string
default : "ReadWriteOnce"
enum :
- value : "ReadWriteOnce"
description : "ReadWriteOnce"
- value : "ReadOnlyMany"
description : "ReadOnlyMany"
- value : "ReadWriteMany"
description : "ReadWriteMany"
- variable : size
label : "Size quotum of storage"
schema :
show_if : [ [ "type" , "=" , "pvc" ] ]
type : string
default : "100Gi"
- variable : ingress
label : ""
group : "Ingress"
schema :
type : dict
attrs :
- variable : main
label : "Main Ingress"
schema :
type : dict
attrs :
- variable : enabled
label : "Enable Ingress"
schema :
type : boolean
default : false
show_subquestions_if : true
subquestions :
- variable : hosts
label : "Hosts"
schema :
type : list
default : [ ]
items :
- variable : hostEntry
label : "Host"
schema :
type : dict
attrs :
- variable : host
label : "HostName"
schema :
type : string
default : ""
required : true
- variable : paths
label : "Paths"
schema :
type : list
default : [ ]
items :
- variable : pathEntry
label : "Host"
schema :
type : dict
attrs :
- variable : path
label : "path"
schema :
type : string
required : true
default : "/"
- variable : pathType
label : "pathType"
schema :
type : string
required : true
default : "Prefix"
- variable : tls
label : "TLS-Settings"
schema :
type : list
default : [ ]
items :
- variable : tlsEntry
label : "Host"
schema :
type : dict
attrs :
- variable : hosts
label : "Certificate Hosts"
schema :
type : list
default : [ ]
items :
- variable : host
label : "Host"
schema :
type : string
default : ""
required : true
- variable : scaleCert
label : "Select TrueNAS SCALE Certificate"
schema :
type : int
$ref :
- "definitions/certificate"
- variable : entrypoint
label : "Traefik Entrypoint"
description : "Entrypoint used by Traefik when using Traefik as Ingress Provider"
schema :
type : string
default : "websecure"
required : true
- variable : middlewares
label : "Traefik Middlewares"
description : "Add previously created Traefik Middlewares to this Ingress"
schema :
type : list
default : [ ]
items :
- variable : name
label : "Name"
schema :
type : string
default : ""
required : true
2021-08-30 13:58:30 +00:00
- variable : ingressList
label : "Additional Ingress"
group : "Ingress"
schema :
type : list
default : [ ]
items :
- variable : ingressListEntry
label : "Custom Ingress"
schema :
type : dict
attrs :
- variable : enabled
label : "Enable Ingress"
schema :
type : boolean
default : true
hidden : true
- variable : name
label : "Name"
schema :
type : string
default : ""
- variable : ingressClassName
label : "IngressClass Name"
schema :
type : string
default : ""
- variable : labelsList
label : "Labels"
schema :
type : list
default : [ ]
items :
- variable : labelItem
label : "Label"
schema :
type : dict
attrs :
- variable : name
label : "Name"
schema :
type : string
- variable : value
label : "Value"
schema :
type : string
- variable : annotationsList
label : "Annotations"
schema :
type : list
default : [ ]
items :
- variable : annotationItem
label : "Label"
schema :
type : dict
attrs :
- variable : name
label : "Name"
schema :
type : string
- variable : value
label : "Value"
schema :
type : string
- variable : hosts
label : "Hosts"
schema :
type : list
default : [ ]
items :
- variable : hostEntry
label : "Host"
schema :
type : dict
attrs :
- variable : host
label : "HostName"
schema :
type : string
default : ""
required : true
- variable : paths
label : "Paths"
schema :
type : list
default : [ ]
items :
- variable : pathEntry
label : "Host"
schema :
type : dict
attrs :
- variable : path
label : "path"
schema :
type : string
required : true
default : "/"
- variable : pathType
label : "pathType"
schema :
type : string
required : true
default : "Prefix"
- variable : service
label : "Linked Service"
schema :
type : dict
attrs :
- variable : name
label : "Service Name"
schema :
type : string
default : ""
- variable : port
label : "Service Port"
schema :
type : int
- variable : tls
label : "TLS-Settings"
schema :
type : list
default : [ ]
items :
- variable : tlsEntry
label : "Host"
schema :
type : dict
attrs :
- variable : hosts
label : "Certificate Hosts"
schema :
type : list
default : [ ]
items :
- variable : host
label : "Host"
schema :
type : string
default : ""
required : true
- variable : scaleCert
label : "Select TrueNAS SCALE Certificate"
schema :
type : int
$ref :
- "definitions/certificate"
- variable : entrypoint
label : "Traefik Entrypoint"
description : "Entrypoint used by Traefik when using Traefik as Ingress Provider"
schema :
type : string
default : "websecure"
required : true
- variable : middlewares
label : "Traefik Middlewares"
description : "Add previously created Traefik Middlewares to this Ingress"
schema :
type : list
default : [ ]
items :
- variable : name
label : "Name"
schema :
type : string
default : ""
required : true
2021-08-28 11:37:53 +00:00
- variable : securityContext
group : "Security and Permissions"
label : "Security Context"
schema :
type : dict
attrs :
- variable : privileged
label : "Privileged mode"
schema :
type : boolean
default : false
- variable : readOnlyRootFilesystem
label : "ReadOnly Root Filesystem"
schema :
type : boolean
default : true
- variable : allowPrivilegeEscalation
label : "Allow Privilege Escalation"
schema :
type : boolean
default : false
- variable : podSecurityContext
group : "Security and Permissions"
label : "Pod Security Context"
schema :
type : dict
attrs :
- variable : runAsNonRoot
label : "runAsNonRoot"
schema :
type : boolean
default : true
- variable : runAsUser
label : "runAsUser"
description : "The UserID of the user running the application"
schema :
type : int
default : 568
- variable : runAsGroup
label : "runAsGroup"
description : The groupID this App of the user running the application"
schema :
type : int
default : 568
- variable : fsGroup
label : "fsGroup"
description : "The group that should own ALL storage."
schema :
type : int
default : 568
- variable : supplementalGroups
2021-08-30 13:58:30 +00:00
label : "supplemental Groups"
2021-08-28 11:37:53 +00:00
schema :
type : list
default : [ ]
items :
- variable : supplementalGroupsEntry
2021-08-30 13:58:30 +00:00
label : "supplemental Group"
2021-08-28 11:37:53 +00:00
schema :
type : int
- variable : fsGroupChangePolicy
label : "When should we take ownership?"
schema :
type : string
default : "OnRootMismatch"
enum :
- value : "OnRootMismatch"
description : "OnRootMismatch"
- value : "Always"
description : "Always"
- variable : resources
group : "Resources and Devices"
label : ""
schema :
type : dict
attrs :
- variable : limits
label : "Advanced Limit Resource Consumption"
schema :
type : dict
attrs :
- variable : cpu
label : "CPU"
schema :
type : string
default : "2000m"
2021-09-08 23:08:11 +00:00
valid_chars : '^([0-9]+)(\.[0-9]?|m?)$'
2021-08-28 11:37:53 +00:00
- variable : memory
label : "Memory RAM"
schema :
type : string
default : "2Gi"
2021-09-08 23:08:11 +00:00
valid_chars : '^([0-9.]+)([EPTGMK]i?|[EPTGMK]?|e[0-9]+)$'
2021-08-28 11:37:53 +00:00
- variable : requests
label : "Advanced Request minimum resources required"
schema :
type : dict
attrs :
- variable : cpu
label : "CPU"
schema :
type : string
default : "10m"
2021-09-08 23:08:11 +00:00
valid_chars : '^([0-9]+)(\.[0-9]?|m?)$'
2021-08-28 11:37:53 +00:00
- variable : memory
label : "Memory RAM"
schema :
type : string
default : "50Mi"
2021-09-08 23:08:11 +00:00
valid_chars : '^([0-9.]+)([EPTGMK]i?|[EPTGMK]?|e[0-9]+)$'
2021-08-30 13:58:30 +00:00
- variable : autoscaling
group : "Resources and Devices"
label : "Horizontal Pod Autoscaler"
schema :
type : dict
attrs :
- variable : enabled
label : "enabled"
schema :
type : boolean
default : false
show_subquestions_if : true
subquestions :
- variable : target
label : "Target"
description : "deployment name, defaults to main deployment"
schema :
type : string
default : ""
- variable : minReplicas
label : "Minimum Replicas"
schema :
type : int
default : 1
- variable : maxReplicas
label : "Maximum Replicas"
schema :
type : int
default : 5
- variable : targetCPUUtilizationPercentage
label : "Target CPU Utilization Percentage"
schema :
type : int
default : 80
- variable : targetMemoryUtilizationPercentage
label : "Target Memory Utilization Percentage"
schema :
type : int
default : 80
2021-09-06 21:00:42 +00:00
- variable : identity_providers
group : "Advanced"
label : "Authelia Identity Providers (BETA)"
schema :
type : dict
attrs :
- variable : oidc
label : "OpenID Connect(BETA)"
schema :
type : dict
attrs :
- variable : enabled
label : "enabled"
schema :
type : boolean
default : false
show_subquestions_if : true
subquestions :
- variable : access_token_lifespan
label : "Access Token Lifespan"
schema :
type : string
default : "1h"
required : true
- variable : authorize_code_lifespan
label : "Authorize Code Lifespan"
schema :
type : string
default : "1m"
required : true
- variable : id_token_lifespan
label : "ID Token Lifespan"
schema :
type : string
default : "1h"
required : true
- variable : refresh_token_lifespan
label : "Refresh Token Lifespan"
schema :
type : string
default : "90m"
required : true
- variable : enable_client_debug_messages
label : "Enable Client Debug Messages"
schema :
type : boolean
default : false
- variable : minimum_parameter_entropy
label : "Minimum Parameter Entropy"
schema :
type : int
default : 8
hidden : true
- variable : clients
label : "Clients"
schema :
type : list
default : [ ]
items :
- variable : clientEntry
label : "Client"
schema :
type : dict
attrs :
- variable : id
label : "ID/Name"
description : "The ID is the OpenID Connect ClientID which is used to link an application to a configuration."
schema :
type : string
default : "myapp"
required : true
- variable : description
label : "Description"
description : "The description to show to users when they end up on the consent screen. Defaults to the ID above."
schema :
type : string
default : "My Application"
required : true
- variable : secret
label : "Secret"
description : "The client secret is a shared secret between Authelia and the consumer of this client."
schema :
type : string
default : ""
required : true
- variable : public
label : "public"
description : "Sets the client to public. This should typically not be set, please see the documentation for usage."
schema :
type : boolean
default : false
- variable : authorization_policy
label : "Authorization Policy"
description : "The policy to require for this client; one_factor or two_factor."
schema :
type : string
default : "two_factor"
enum :
- value : "one_factor"
description : "one_factor"
- value : "two_factor"
description : "two_factor"
- variable : userinfo_signing_algorithm
label : "Userinfo Signing Algorithm"
description : "The algorithm used to sign userinfo endpoint responses for this client, either none or RS256."
schema :
type : string
default : "none"
enum :
- value : "none"
description : "none"
- value : "RS256"
description : "RS256"
- variable : audience
label : "Audience"
description : "Audience this client is allowed to request."
schema :
type : list
default : [ ]
items :
- variable : audienceEntry
label : ""
schema :
type : string
default : ""
required : true
- variable : scopes
label : "Scopes"
description : "Scopes this client is allowed to request."
schema :
type : list
default : [ ]
items :
- variable : ScopeEntry
label : "Scope"
schema :
type : string
default : "openid"
required : true
- variable : redirect_uris
label : "redirect_uris"
description : "Redirect URI's specifies a list of valid case-sensitive callbacks for this client."
schema :
type : list
default : [ ]
items :
- variable : uriEntry
label : "Url"
schema :
type : string
default : "https://oidc.example.com/oauth2/callback"
required : true
- variable : grant_types
description : "Grant Types configures which grants this client can obtain."
label : "grant_types"
schema :
type : list
default : [ ]
items :
- variable : grantEntry
label : "Grant"
schema :
type : string
default : "refresh_token"
required : true
- variable : response_types
description : "Response Types configures which responses this client can be sent."
label : "response_types"
schema :
type : list
default : [ ]
items :
- variable : responseEntry
label : "type"
schema :
type : string
default : "code"
required : true
- variable : response_modes
description : "Response Modes configures which response modes this client supports."
label : "response_modes"
schema :
type : list
default : [ ]
items :
- variable : modeEntry
label : "Mode"
schema :
type : string
default : "form_post"
required : true