2022-11-09 08:28:51 +00:00
|
|
|
# Include{groups}
|
|
|
|
|
portals:
|
|
|
|
|
open:
|
|
|
|
|
# Include{portalLink}
|
|
|
|
|
questions:
|
|
|
|
|
# Include{global}
|
|
|
|
|
# Include{controller}
|
|
|
|
|
# Include{controllerDeployment}
|
|
|
|
|
# Include{replicas}
|
|
|
|
|
# Include{replica1}
|
|
|
|
|
# Include{strategy}
|
|
|
|
|
# Include{recreate}
|
|
|
|
|
# Include{controllerExpert}
|
|
|
|
|
# Include{controllerExpertExtraArgs}
|
|
|
|
|
- variable: misskey
|
2022-11-10 16:56:28 +00:00
|
|
|
group: App Configuration
|
2022-11-09 08:28:51 +00:00
|
|
|
label: Misskey Configuration
|
|
|
|
|
schema:
|
|
|
|
|
type: dict
|
|
|
|
|
attrs:
|
|
|
|
|
- variable: url
|
|
|
|
|
label: Final Accessible URL (Initial Install Only)
|
|
|
|
|
description: Final accessible URL seen by a user. ONCE YOU HAVE STARTED THE INSTANCE, DO NOT CHANGE THE URL SETTINGS AFTER THAT!
|
|
|
|
|
schema:
|
|
|
|
|
type: string
|
|
|
|
|
required: true
|
|
|
|
|
- variable: id
|
|
|
|
|
label: ID Generation Method (Initial Install Only)
|
|
|
|
|
description: Select the ID generation method. DO NOT CHANGE AFTER INSTANCE IS STARTED!
|
|
|
|
|
schema:
|
|
|
|
|
type: string
|
|
|
|
|
enum:
|
|
|
|
|
- value: aid
|
|
|
|
|
description: Short, Millisecond accuracy
|
|
|
|
|
- value: meid
|
|
|
|
|
description: Similar to ObjectID, Millisecond accuracy
|
|
|
|
|
- value: ulid
|
|
|
|
|
description: Millisecond accuracy
|
|
|
|
|
- value: objectid
|
|
|
|
|
description: This is left for backward compatibility
|
|
|
|
|
default: aid
|
|
|
|
|
required: true
|
|
|
|
|
- variable: other
|
|
|
|
|
label: Other Configuration
|
|
|
|
|
schema:
|
|
|
|
|
type: dict
|
|
|
|
|
attrs:
|
|
|
|
|
- variable: disableHSTS
|
|
|
|
|
label: Disable HSTS
|
|
|
|
|
schema:
|
|
|
|
|
type: boolean
|
|
|
|
|
default: false
|
|
|
|
|
- variable: signToActivityPubGet
|
|
|
|
|
label: Sign to ActivityPub GET Request
|
|
|
|
|
schema:
|
|
|
|
|
type: boolean
|
|
|
|
|
default: false
|
|
|
|
|
- variable: maxFileSize
|
|
|
|
|
label: Max file upload/download size (bytes)
|
|
|
|
|
schema:
|
|
|
|
|
type: int
|
|
|
|
|
required: true
|
|
|
|
|
default: 262144000
|
|
|
|
|
- variable: clusterLimit
|
|
|
|
|
label: Cluster Limit
|
|
|
|
|
description: Number of worker processes for server
|
|
|
|
|
schema:
|
|
|
|
|
type: int
|
|
|
|
|
required: true
|
|
|
|
|
default: 1
|
|
|
|
|
- variable: deliverJobConcurrency
|
|
|
|
|
label: Deliver Job Concurrency
|
|
|
|
|
description: Job concurrency per worker
|
|
|
|
|
schema:
|
|
|
|
|
type: int
|
|
|
|
|
required: true
|
|
|
|
|
default: 128
|
|
|
|
|
- variable: inboxJobConcurrency
|
|
|
|
|
label: Inbox Job Concurrency
|
|
|
|
|
description: Inbox job concurrency per worker
|
|
|
|
|
schema:
|
|
|
|
|
type: int
|
|
|
|
|
required: true
|
|
|
|
|
default: 16
|
|
|
|
|
- variable: deliverJobPerSec
|
|
|
|
|
label: Deliver Jobs Per Second
|
|
|
|
|
description: Job rate limiter
|
|
|
|
|
schema:
|
|
|
|
|
type: int
|
|
|
|
|
required: true
|
|
|
|
|
default: 128
|
|
|
|
|
- variable: inboxJobPerSec
|
|
|
|
|
label: Inbox Jobs Per Second
|
|
|
|
|
description: Inbox job rate limiter
|
|
|
|
|
schema:
|
|
|
|
|
type: int
|
|
|
|
|
required: true
|
|
|
|
|
default: 16
|
|
|
|
|
- variable: deliverJobMaxAttempts
|
|
|
|
|
label: Max Deliver Job Attempts
|
|
|
|
|
schema:
|
|
|
|
|
type: int
|
|
|
|
|
required: true
|
|
|
|
|
default: 12
|
|
|
|
|
- variable: inboxJobMaxAttempts
|
|
|
|
|
label: Max Inbox Job Attempts
|
|
|
|
|
schema:
|
|
|
|
|
type: int
|
|
|
|
|
required: true
|
|
|
|
|
default: 8
|
|
|
|
|
- variable: allowedPrivateNetworks
|
|
|
|
|
label: Allowed Private Networks
|
|
|
|
|
description: Automatically 127.0.0.1/32 is added
|
|
|
|
|
schema:
|
|
|
|
|
type: list
|
|
|
|
|
default: []
|
|
|
|
|
items:
|
|
|
|
|
- variable: privateNet
|
|
|
|
|
label: Private Network Entry
|
|
|
|
|
schema:
|
|
|
|
|
type: string
|
|
|
|
|
required: true
|
|
|
|
|
default: ""
|
|
|
|
|
# Include{containerConfig}
|
|
|
|
|
# Include{serviceRoot}
|
|
|
|
|
- variable: main
|
|
|
|
|
label: Main Service
|
|
|
|
|
description: The Primary service on which the healthcheck runs, often the webUI
|
|
|
|
|
schema:
|
|
|
|
|
additional_attrs: true
|
|
|
|
|
type: dict
|
|
|
|
|
attrs:
|
|
|
|
|
# Include{serviceSelectorLoadBalancer}
|
|
|
|
|
# Include{serviceSelectorExtras}
|
|
|
|
|
- variable: main
|
|
|
|
|
label: Main Service Port Configuration
|
|
|
|
|
schema:
|
|
|
|
|
additional_attrs: true
|
|
|
|
|
type: dict
|
|
|
|
|
attrs:
|
|
|
|
|
- variable: port
|
|
|
|
|
label: Port
|
|
|
|
|
description: This port exposes the container port on the service
|
|
|
|
|
schema:
|
|
|
|
|
type: int
|
|
|
|
|
default: 3003
|
|
|
|
|
required: true
|
|
|
|
|
# Include{advancedPortHTTP}
|
|
|
|
|
- variable: targetPort
|
|
|
|
|
label: Target Port
|
|
|
|
|
description: The internal(!) port on the container the Application runs on
|
|
|
|
|
schema:
|
|
|
|
|
type: int
|
|
|
|
|
default: 3003
|
|
|
|
|
# Include{serviceExpertRoot}
|
|
|
|
|
default: false
|
|
|
|
|
# Include{serviceExpert}
|
|
|
|
|
# Include{serviceList}
|
|
|
|
|
# Include{persistenceRoot}
|
|
|
|
|
- variable: misskeyconfig
|
|
|
|
|
label: App configuration storage
|
|
|
|
|
description: Stores the Application configuration files.
|
|
|
|
|
schema:
|
|
|
|
|
additional_attrs: true
|
|
|
|
|
type: dict
|
|
|
|
|
attrs:
|
|
|
|
|
# Include{persistenceBasic}
|
|
|
|
|
# Include{persistenceAdvanced}
|
|
|
|
|
- variable: files
|
|
|
|
|
label: Misskey file Storage
|
|
|
|
|
description: Stores the Application file data.
|
|
|
|
|
schema:
|
|
|
|
|
additional_attrs: true
|
|
|
|
|
type: dict
|
|
|
|
|
attrs:
|
|
|
|
|
# Include{persistenceBasic}
|
|
|
|
|
# Include{persistenceAdvanced}
|
|
|
|
|
# Include{persistenceList}
|
|
|
|
|
# Include{ingressRoot}
|
|
|
|
|
- variable: main
|
|
|
|
|
label: Main Ingress
|
|
|
|
|
schema:
|
|
|
|
|
additional_attrs: true
|
|
|
|
|
type: dict
|
|
|
|
|
attrs:
|
|
|
|
|
# Include{ingressDefault}
|
|
|
|
|
# Include{ingressTLS}
|
|
|
|
|
# Include{ingressTraefik}
|
|
|
|
|
# Include{ingressExpert}
|
|
|
|
|
# Include{ingressList}
|
|
|
|
|
# Include{security}
|
|
|
|
|
# Include{securityContextAdvancedRoot}
|
|
|
|
|
- variable: privileged
|
|
|
|
|
label: Privileged mode
|
|
|
|
|
schema:
|
|
|
|
|
type: boolean
|
|
|
|
|
default: false
|
|
|
|
|
- variable: readOnlyRootFilesystem
|
|
|
|
|
label: ReadOnly Root Filesystem
|
|
|
|
|
schema:
|
|
|
|
|
type: boolean
|
|
|
|
|
default: false
|
|
|
|
|
- variable: allowPrivilegeEscalation
|
|
|
|
|
label: Allow Privilege Escalation
|
|
|
|
|
schema:
|
|
|
|
|
type: boolean
|
|
|
|
|
default: false
|
|
|
|
|
- variable: runAsNonRoot
|
|
|
|
|
label: runAsNonRoot
|
|
|
|
|
schema:
|
|
|
|
|
type: boolean
|
|
|
|
|
default: false
|
|
|
|
|
# Include{securityContextAdvanced}
|
|
|
|
|
# Include{podSecurityContextRoot}
|
|
|
|
|
- variable: runAsUser
|
|
|
|
|
label: runAsUser
|
|
|
|
|
description: The UserID of the user running the application
|
|
|
|
|
schema:
|
|
|
|
|
type: int
|
|
|
|
|
default: 0
|
|
|
|
|
- variable: runAsGroup
|
|
|
|
|
label: runAsGroup
|
|
|
|
|
description: The groupID this App of the user running the application
|
|
|
|
|
schema:
|
|
|
|
|
type: int
|
|
|
|
|
default: 0
|
|
|
|
|
- variable: fsGroup
|
|
|
|
|
label: fsGroup
|
|
|
|
|
description: The group that should own ALL storage.
|
|
|
|
|
schema:
|
|
|
|
|
type: int
|
|
|
|
|
default: 33
|
|
|
|
|
# Include{podSecurityContextAdvanced}
|
|
|
|
|
# Include{resources}
|
|
|
|
|
# Include{advanced}
|
|
|
|
|
# Include{addons}
|
|
|
|
|
# Include{codeserver}
|
|
|
|
|
# Include{promtail}
|
|
|
|
|
# Include{netshoot}
|
|
|
|
|
# Include{vpn}
|
|
|
|
|
# Include{documentation}
|
