2022-08-17 19:55:10 +00:00
|
|
|
# Include{groups}
|
|
|
|
portals: {}
|
|
|
|
questions:
|
|
|
|
# Include{global}
|
|
|
|
# Include{controller}
|
|
|
|
# Include{controllerDeployment}
|
|
|
|
# Include{replicas}
|
|
|
|
# Include{replica1}
|
|
|
|
# Include{strategy}
|
|
|
|
# Include{recreate}
|
|
|
|
# Include{controllerExpert}
|
|
|
|
# Include{controllerExpertExtraArgs}
|
|
|
|
- variable: tailscale
|
|
|
|
group: "Container Configuration"
|
|
|
|
label: "Tailscale Configuration"
|
|
|
|
schema:
|
|
|
|
additional_attrs: true
|
|
|
|
type: dict
|
|
|
|
attrs:
|
|
|
|
- variable: authkey
|
2022-09-14 14:25:36 +00:00
|
|
|
label: Auth Key
|
|
|
|
description: Provide an auth key to automatically authenticate the node as your user account.
|
2022-08-17 19:55:10 +00:00
|
|
|
schema:
|
|
|
|
type: string
|
|
|
|
private: true
|
|
|
|
default: ""
|
|
|
|
- variable: userspace
|
2022-09-14 14:25:36 +00:00
|
|
|
label: Userspace
|
|
|
|
description: Userspace Networking mode allows running Tailscale where you don't have access to create a VPN tunnel device.
|
2022-08-17 19:55:10 +00:00
|
|
|
schema:
|
|
|
|
type: boolean
|
2022-09-14 14:25:36 +00:00
|
|
|
default: false
|
2022-08-17 19:55:10 +00:00
|
|
|
- variable: accept_dns
|
2022-09-14 14:25:36 +00:00
|
|
|
label: Accept DNS
|
|
|
|
description: Accept DNS configuration from the admin console.
|
2022-08-17 19:55:10 +00:00
|
|
|
schema:
|
|
|
|
type: boolean
|
|
|
|
default: false
|
|
|
|
- variable: routes
|
2022-09-14 14:25:36 +00:00
|
|
|
label: Routes
|
2022-08-17 19:55:10 +00:00
|
|
|
description: Expose physical subnet routes to your entire Tailscale network.
|
|
|
|
schema:
|
|
|
|
type: string
|
|
|
|
default: ""
|
|
|
|
- variable: dest_ip
|
2022-09-14 14:25:36 +00:00
|
|
|
label: Dest IP
|
2022-08-17 19:55:10 +00:00
|
|
|
description: Tells the DNAT mechanism which Destination IP to set in the IP header, and where to send packets that are matched.
|
|
|
|
schema:
|
|
|
|
type: string
|
|
|
|
default: ""
|
|
|
|
- variable: sock5_server
|
2022-09-14 14:25:36 +00:00
|
|
|
label: Sock5 Server
|
|
|
|
schema:
|
|
|
|
type: string
|
|
|
|
default: ""
|
|
|
|
- variable: hostname
|
|
|
|
label: Hostname
|
|
|
|
description: You can specify a specific hostname for use inside Tailscale. (Passes --hostname HOSTNAME to extra_args)
|
2022-08-17 19:55:10 +00:00
|
|
|
schema:
|
|
|
|
type: string
|
|
|
|
default: ""
|
2022-09-14 14:25:36 +00:00
|
|
|
- variable: advertise_as_exit_node
|
|
|
|
label: Advertise as exit node
|
|
|
|
description: This is used to pass traffic through tailscale like a private VPN. (Passes --advertise-exit-node to extra_args)
|
|
|
|
schema:
|
|
|
|
type: boolean
|
|
|
|
default: false
|
2022-08-17 19:55:10 +00:00
|
|
|
- variable: extra_args
|
2022-09-14 14:25:36 +00:00
|
|
|
label: Extra Args
|
2022-08-24 07:31:34 +00:00
|
|
|
description: UP_ARGS or flags to pass along to Tailscale, such as --advertise-exit-node
|
2022-08-17 19:55:10 +00:00
|
|
|
schema:
|
|
|
|
type: string
|
|
|
|
default: ""
|
2022-08-20 13:20:48 +00:00
|
|
|
- variable: daemon_extra_args
|
2022-09-14 14:25:36 +00:00
|
|
|
label: Tailscale Daemon Extra Args
|
2022-08-20 13:20:48 +00:00
|
|
|
schema:
|
|
|
|
type: string
|
|
|
|
default: ""
|
2022-08-17 19:55:10 +00:00
|
|
|
# Include{containerConfig}
|
|
|
|
# Include{serviceExpertRoot}
|
2022-09-14 14:25:36 +00:00
|
|
|
default: true
|
2022-08-17 19:55:10 +00:00
|
|
|
# Include{serviceExpert}
|
|
|
|
# Include{serviceList}
|
|
|
|
# Include{persistenceRoot}
|
|
|
|
- variable: config
|
2022-09-14 14:25:36 +00:00
|
|
|
label: App Config Storage
|
|
|
|
description: Stores the Application Configuration.
|
2022-08-17 19:55:10 +00:00
|
|
|
schema:
|
|
|
|
additional_attrs: true
|
|
|
|
type: dict
|
|
|
|
attrs:
|
|
|
|
# Include{persistenceBasic}
|
|
|
|
# Include{persistenceAdvanced}
|
|
|
|
# Include{persistenceList}
|
|
|
|
# Include{ingressRoot}
|
|
|
|
- variable: main
|
2022-09-14 14:25:36 +00:00
|
|
|
label: Main Ingress
|
2022-08-17 19:55:10 +00:00
|
|
|
schema:
|
|
|
|
additional_attrs: true
|
|
|
|
type: dict
|
|
|
|
attrs:
|
|
|
|
# Include{ingressDefault}
|
|
|
|
# Include{ingressTLS}
|
|
|
|
# Include{ingressTraefik}
|
|
|
|
# Include{ingressExpert}
|
|
|
|
# Include{ingressList}
|
|
|
|
# Include{security}
|
|
|
|
# Include{securityContextAdvancedRoot}
|
|
|
|
- variable: privileged
|
2022-09-14 14:25:36 +00:00
|
|
|
label: Privileged mode
|
2022-08-17 19:55:10 +00:00
|
|
|
schema:
|
|
|
|
type: boolean
|
|
|
|
default: false
|
|
|
|
- variable: readOnlyRootFilesystem
|
2022-09-14 14:25:36 +00:00
|
|
|
label: ReadOnly Root Filesystem
|
2022-08-17 19:55:10 +00:00
|
|
|
schema:
|
|
|
|
type: boolean
|
2022-08-20 13:20:48 +00:00
|
|
|
default: false
|
2022-08-17 19:55:10 +00:00
|
|
|
- variable: allowPrivilegeEscalation
|
2022-09-14 14:25:36 +00:00
|
|
|
label: Allow Privilege Escalation
|
2022-08-17 19:55:10 +00:00
|
|
|
schema:
|
|
|
|
type: boolean
|
|
|
|
default: false
|
|
|
|
- variable: runAsNonRoot
|
2022-09-14 14:25:36 +00:00
|
|
|
label: runAsNonRoot
|
2022-08-17 19:55:10 +00:00
|
|
|
schema:
|
|
|
|
type: boolean
|
2022-08-20 13:20:48 +00:00
|
|
|
default: false
|
2022-08-17 19:55:10 +00:00
|
|
|
# Include{securityContextAdvanced}
|
|
|
|
# Include{podSecurityContextRoot}
|
|
|
|
- variable: runAsUser
|
2022-09-14 14:25:36 +00:00
|
|
|
label: runAsUser
|
|
|
|
description: The UserID of the user running the application
|
2022-08-17 19:55:10 +00:00
|
|
|
schema:
|
|
|
|
type: int
|
2022-08-20 13:20:48 +00:00
|
|
|
default: 0
|
2022-08-17 19:55:10 +00:00
|
|
|
- variable: runAsGroup
|
2022-09-14 14:25:36 +00:00
|
|
|
label: runAsGroup
|
|
|
|
description: The groupID this App of the user running the application
|
2022-08-17 19:55:10 +00:00
|
|
|
schema:
|
|
|
|
type: int
|
2022-08-20 13:20:48 +00:00
|
|
|
default: 0
|
2022-08-17 19:55:10 +00:00
|
|
|
- variable: fsGroup
|
2022-09-14 14:25:36 +00:00
|
|
|
label: fsGroup
|
|
|
|
description: The group that should own ALL storage.
|
2022-08-17 19:55:10 +00:00
|
|
|
schema:
|
|
|
|
type: int
|
|
|
|
default: 568
|
|
|
|
# Include{podSecurityContextAdvanced}
|
|
|
|
# Include{resources}
|
|
|
|
# Include{advanced}
|
|
|
|
# Include{addons}
|
|
|
|
# Include{documentation}
|