Refactor Ingress (#219)

* Refactor Ingress and Add Tests

* New HTTP Ingress UI Layout

* Cleanup plain TCP and all UDP ingress UI's

* Bulk Traefik Changes:

- update traefik
- move storage to common chart
- Remove reflector
- Remove Cert-Manager
- Add http IngressRoute to common
- remove ingress(Route) from traefik
- Cleanup Ingress(Route) to be includable in other charts

* Update common included with all Apps

* Update traefik and addserviceName, servicePort and serviceKind to questions.yaml

* Polish: Auto find port and servicename for ingress, allow override

* Add basic documentation and examples

* Cleanup

* small bugfix

* fix mini mistake in qbittorrent

* Use default torrent port within qbittorrent
This commit is contained in:
Kjeld Schouten-Lebbing 2021-03-05 22:31:02 +01:00 committed by kjeld Schouten-Lebbing
parent d22b481a3f
commit fb8e40c18b
No known key found for this signature in database
GPG Key ID: 4CDAD4A532BC1EDB
134 changed files with 3284 additions and 2073 deletions

270
.github/docs/development/ingress.md vendored Normal file
View File

@ -0,0 +1,270 @@
# Ingress
Ingress is what we call "Reverse Proxy" in the UI and in the user side of the documentation. Please be aware that those refer to the same system. An Ingress is, simply put, just Kubernetes way of connecting outsides to Apps running in containers.
### Ingress Types
We currently support:
- HTTP via Ingres
- HTTP via Traefik IngressRoute (HTTP-IR)
- TCP via Traefik IngressRouteTCP
- UDP via Traefik IngressRouteUDP
From questions.yaml and the UI, these can be changed with selecting another "Type". However: Under the hood IngressRoutes and Ingress are totally different beasts and have a seperate creation process. Errors for Plain HTTP do NOT have to be present in HTTP-IR.
It's also important to note that TCP (and even more so: UDP) have less options available. The example configurations below contain a mostly complete overview of what is currently available and reasonable.
##### Ingress and Services
It's important to know what Ingress does, before you start creating ingresses in questions.yaml. Ingresses send outside Traffic, to a kubernetes Service, which in turn forwards traffic to the actual containers.
This means that every container needs to know how to reach their Service. If they do not, things go wrong.
To ensure this, it's adviced to keep the names of your Ingresses the same as the names of your services. We made sure the ingress would automatically detect (and connect to) the main port of a Service with the same name.
However: In case you need to do this differently, need to connect to additionalServices and/or need to connect to a secondary port, you can manually set both the serviceName and servicePort in questions.yaml. We advice however, to only do so if absolutely necessary!
##### The Main Ingress
The main Ingress and Main service take an important role in our standardisation. Where the main Service is used for healthchecks and the "portal" button, the main Ingress is just used for the portal button.
However: As the maintainers expect new features to be connecting to the main service and main ingress, it will cause problems if you decide to bypass/ignore these.
### Standards/Examples
We try to maintain as much of a standardised questions.yaml format as possible, to ensure (bulk) editing stays as easy as possible.
##### HTTP Ingress
```
- variable: ingress
label: ""
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
label: "Web Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: enabled
label: "Enable Web Reverse Proxy"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# type: int
# default: 80
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
type: string
default: "websecure"
required: true
enum:
- value: "websecure"
description: "Websecure: HTTPS/TLS port 443"
- variable: hosts
label: "Hosts"
schema:
type: list
default: []
items:
- variable: host
label: "Host"
schema:
type: dict
attrs:
- variable: host
label: "Domain Name"
required: true
schema:
type: string
- variable: paths
label: "paths"
schema:
type: list
default: []
items:
- variable: path
label: "Path"
schema:
type: dict
attrs:
- variable: path
label: "path"
schema:
type: string
required: true
default: "/"
- variable: pathType
label: "pathType"
schema:
type: string
required: true
default: "prefix"
- variable: certType
label: "Select Certificate Type"
schema:
type: string
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:
type: string
default: ""
```
##### TCP Ingress
```
- variable: tcp
label: "TCP Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: enabled
label: "Enable TCP Reverse Proxy"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Select Reverse Proxy Type"
schema:
type: string
default: "TCP"
required: true
editable: false
hidden: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# type: int
# default: 80
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
type: string
default: "torrent-tcp"
required: true
enum:
- value: "torrent-tcp"
description: "Torrent-TCP: port 51413"
```
##### UDP Ingress
```
- variable: udp
label: "UDP Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: enabled
label: "Enable UDP Reverse Proxy"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Select Reverse Proxy Type"
schema:
type: string
default: "UDP"
required: true
editable: false
hidden: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# type: int
# default: 80
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
type: string
default: "torrent-udp"
required: true
enum:
- value: "torrent-udp"
description: "Torrent-UDP: port 51413"
```

View File

@ -69,7 +69,8 @@ Please keep in mind that every App is different, some just have one service (whi
schema: schema:
type: int type: int
default: 80 default: 80
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -133,7 +134,8 @@ in some edgecases users might need or want to have the option to add unlimited c
schema: schema:
type: int type: int
default: 80 default: 80
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"

24
.github/docs/general/reverse-proxy.md vendored Normal file
View File

@ -0,0 +1,24 @@
# Reverse Proxy
Within TrueCharts our aim is to make it as easy as possible to secure your Apps. To support this we Supply a Traefik "Reverse Proxy", which has been preconfigured to provide secure and fast connections.
To use Traefik as a Reverse Proxy, all you have to do is enable "Reverse Proxy" in the App of your choice and fill out a little form.
### Types of Reverse Proxys
We currently offer the following types of pre-configured reverse proxies:
- HTTP
- HTTP using CRD (Advanced)
- TCP
- UDP
Besides HTTP, all these options, require Traefik to be installed before you enable Reverse Proxy on your App. I many cases, the maintainer of your app has hidden specific settings, like the type of Reverse proxies available, to suit your App.
### Adding Certificates
To add certificates to Apps, we use the TrueNAS SCALE certificate storage. This means you first need to add Certificates to TrueNAS SCALE, after which you can select them when Installing or Editing your App.

2
.gitignore vendored
View File

@ -41,3 +41,5 @@ tests/test-report.txt
tests/test-report.xml tests/test-report.xml
private_values.yaml private_values.yaml
temp/ temp/
library/common-test/charts/*
Chart.lock

View File

@ -0,0 +1,11 @@
for chart in charts/*; do
if [ -d "${chart}" ]; then
maxfolderversion=$(ls -l ${chart} | grep ^d | awk '{print $9}' | tail -n 1)
chartname=$(basename ${chart})
echo "Processing: ${chart} - folder: ${maxfolderversion} - version: ${maxchartversion}"
if [ "${maxfolderversion}" != "${maxchartversion}" ]; then
rm -Rf ${chart}/${maxfolderversion}/charts/*.tgz
cp -f library/common-test/charts/* ${chart}/${maxfolderversion}/charts/
fi
fi
done

View File

@ -264,5 +264,644 @@ class Test < ChartTest
end end
end end
describe 'ingress' do
it 'should be disabled when (additional)ingress enabled = false' do
values = {
ingress: {
test1: {
enabled: false
},
test2: {
enabled: false
}
},
additionalIngress: [
{
enabled: false,
name: "test3"
},
{
enabled: false,
name: "test4"
}
]
}
chart.value values
assert_nil(resource('Ingress'))
end
it 'should be enabled when (additional)ingress enabled = true' do
values = {
ingress: {
test1: {
enabled: true
},
test2: {
enabled: true
}
},
additionalIngress: [
{
enabled: true,
name: "test3"
},
{
enabled: true,
name: "test4"
}
]
}
chart.value values
refute_nil(resource('Ingress'))
end
it 'should be not create ingressroute unless type tcp/udp' do
values = {
ingress: {
test1: {
enabled: true
},
test2: {
enabled: true
}
},
additionalIngress: [
{
enabled: true,
name: "test3"
},
{
enabled: true,
name: "test4"
}
]
}
chart.value values
assert_nil(resource('IngressRouteTCP'))
assert_nil(resource('IngressRouteUDP'))
end
it 'should be enabled when half (additional)ingress enabled = true' do
values = {
ingress: {
test1: {
enabled: false
},
test2: {
enabled: true
}
},
additionalIngress: [
{
enabled: false,
name: "test3"
},
{
enabled: true,
name: "test4"
}
]
}
chart.value values
refute_nil(resource('Ingress'))
end
it 'ingress with hosts' do
values = {
ingress: {
test1: {
hosts: [
{
host: 'hostname',
paths: [
{
path: '/'
}
]
}
]
}
}
}
chart.value values
jq('.spec.rules[0].host', resource('Ingress')).must_equal values[:ingress][:test1][:hosts][0][:host]
jq('.spec.rules[0].http.paths[0].path', resource('Ingress')).must_equal values[:ingress][:test1][:hosts][0][:paths][0][:path]
end
it 'ingress with hosts template is evaluated' do
expectedHostName = 'common-test.hostname'
values = {
ingress: {
test1: {
hosts: [
{
hostTpl: '{{ .Release.Name }}.hostname',
paths: [
{
path: '/'
}
]
}
]
}
}
}
chart.value values
jq('.spec.rules[0].host', resource('Ingress')).must_equal expectedHostName
jq('.spec.rules[0].http.paths[0].path', resource('Ingress')).must_equal values[:ingress][:test1][:hosts][0][:paths][0][:path]
end
it 'ingress with hosts and tls' do
values = {
ingress: {
test1: {
enabled: true,
hosts: [
{
host: 'hostname',
paths: [
{
path: '/'
}
]
}
],
tls: [
{
hosts: [ 'hostname' ],
secretName: 'hostname-secret-name'
}
]
}
}
}
chart.value values
jq('.spec.rules[0].host', resource('Ingress')).must_equal values[:ingress][:test1][:hosts][0][:host]
jq('.spec.rules[0].http.paths[0].path', resource('Ingress')).must_equal values[:ingress][:test1][:hosts][0][:paths][0][:path]
jq('.spec.tls[0].hosts[0]', resource('Ingress')).must_equal values[:ingress][:test1][:tls][0][:hosts][0]
jq('.spec.tls[0].secretName', resource('Ingress')).must_equal values[:ingress][:test1][:tls][0][:secretName]
end
it 'ingress with tls template is evaluated' do
expectedHostName = 'common-test.hostname'
expectedSecretName = 'common-test-hostname-secret-name'
values = {
ingress: {
test1: {
enabled: true,
tls: [
{
hostsTpl: [ '{{ .Release.Name }}.hostname' ],
secretNameTpl: '{{ .Release.Name }}-hostname-secret-name'
}
]
}
}
}
chart.value values
jq('.spec.tls[0].hosts[0]', resource('Ingress')).must_equal expectedHostName
jq('.spec.tls[0].secretName', resource('Ingress')).must_equal expectedSecretName
end
it 'ingress with hosts and tls template is evaluated' do
expectedHostName = 'common-test.hostname'
expectedSecretName = 'common-test-hostname-secret-name'
values = {
ingress: {
test1: {
enabled: true,
hosts: [
{
hostTpl: '{{ .Release.Name }}.hostname',
paths: [
{
path: '/'
}
]
}
],
tls: [
{
hostsTpl: [ '{{ .Release.Name }}.hostname' ],
secretNameTpl: '{{ .Release.Name }}-hostname-secret-name'
}
]
}
}
}
chart.value values
jq('.spec.rules[0].host', resource('Ingress')).must_equal expectedHostName
jq('.spec.rules[0].http.paths[0].path', resource('Ingress')).must_equal values[:ingress][:test1][:hosts][0][:paths][0][:path]
jq('.spec.tls[0].hosts[0]', resource('Ingress')).must_equal expectedHostName
jq('.spec.tls[0].secretName', resource('Ingress')).must_equal expectedSecretName
end
it 'ingress with selfsigned certtype is evaluated' do
expectedHostName = 'common-test.hostname'
expectedSecretName = 'common-test-hostname-secret-name'
values = {
ingress: {
test1: {
enabled: true,
hosts: [
{
host: 'hostname',
paths: [
{
path: '/'
}
]
}
],
certType: "selfsigned"
}
}
}
chart.value values
jq('.spec.rules[0].host', resource('Ingress')).must_equal values[:ingress][:test1][:hosts][0][:host]
jq('.spec.rules[0].http.paths[0].path', resource('Ingress')).must_equal values[:ingress][:test1][:hosts][0][:paths][0][:path]
jq('.spec.tls[0].hosts[0]', resource('Ingress')).must_equal values[:ingress][:test1][:hosts][0][:host]
jq('.spec.tls[0].secretName', resource('Ingress')).must_equal nil
end
it 'should create when type = HTTP' do
values = {
ingress: {
test1: {
enabled: true,
type: "HTTP"
},
test2: {
enabled: false
}
},
additionalIngress: [
{
enabled: false,
name: "test3"
},
{
enabled: false,
name: "test4"
}
]
}
chart.value values
refute_nil(resource('Ingress'))
end
it 'check no middleware without traefik' do
values = {
ingress: {
test1: {
enabled: true
}
}
}
chart.value values
assert_nil(resource('Middleware'))
end
it 'check authForward when authForwardURL is set' do
expectedName = 'common-test-test1-auth-forward'
values = {
ingress: {
test1: {
enabled: true,
authForwardURL: "test.test.com"
}
}
}
chart.value values
refute_nil(resource('Middleware'))
jq('.spec.forwardAuth.address', resource('Middleware')).must_equal values[:ingress][:test1][:authForwardURL]
jq('.metadata.name', resource('Middleware')).must_equal expectedName
end
end
describe 'ingressRoutes' do
it 'should create only TCP when type = TCP' do
values = {
ingress: {
test1: {
enabled: true,
type: "TCP"
},
test2: {
enabled: false
}
},
additionalIngress: [
{
enabled: false,
name: "test3"
},
{
enabled: false,
name: "test4"
}
]
}
chart.value values
refute_nil(resource('IngressRouteTCP'))
assert_nil(resource('IngressRouteUDP'))
end
it 'should create only UDP when type = UDP' do
values = {
ingress: {
test1: {
enabled: true,
type: "UDP"
},
test2: {
enabled: false
}
},
additionalIngress: [
{
enabled: false,
name: "test3"
},
{
enabled: false,
name: "test4"
}
]
}
chart.value values
refute_nil(resource('IngressRouteUDP'))
assert_nil(resource('IngressRouteTCP'))
end
it 'should create only additional TCP when type = TCP' do
values = {
ingress: {
test1: {
enabled: false
},
test2: {
enabled: false
}
},
additionalIngress: [
{
enabled: true,
name: "test3",
type: "TCP"
},
{
enabled: false,
name: "test4"
}
]
}
chart.value values
refute_nil(resource('IngressRouteTCP'))
assert_nil(resource('IngressRouteUDP'))
end
it 'should create only additional UDP when type = UDP' do
values = {
ingress: {
test1: {
enabled: false
},
test2: {
enabled: false
}
},
additionalIngress: {
test3: {
enabled: true,
type: "UDP"
},
test4: {
enabled: false
}
}
}
chart.value values
refute_nil(resource('IngressRouteUDP'))
assert_nil(resource('IngressRouteTCP'))
end
it 'should be able to create 3 ingress types' do
values = {
ingress: {
test1: {
enabled: true,
type: "UDP"
},
test2: {
enabled: true,
type: "TCP"
},
test2b: {
enabled: true,
type: "HTTP"
}
},
additionalIngress: [
{
enabled: false,
name: "test3"
},
{
enabled: false,
name: "test4"
}
]
}
chart.value values
refute_nil(resource('IngressRouteUDP'))
refute_nil(resource('IngressRouteTCP'))
refute_nil(resource('Ingress'))
end
it 'should be able to create 3 additional ingress types' do
values = {
ingress: {
test1: {
enabled: false,
type: "UDP"
},
test2: {
enabled: false,
type: "TCP"
},
test2b: {
enabled: false,
type: "HTTP"
}
},
additionalIngress: [
{
enabled: true,
type: "HTTP",
name: "test3"
},
{
enabled: true,
type: "TCP",
name: "test4"
},
{
enabled: true,
type: "UDP",
name: "test5"
}
]
}
chart.value values
refute_nil(resource('IngressRouteUDP'))
refute_nil(resource('IngressRouteTCP'))
refute_nil(resource('Ingress'))
end
it 'ingressroute with selfsigned certtype is evaluated' do
values = {
ingress: {
test1: {
type: "TCP",
enabled: true,
hosts: [
{
host: 'hostname'
}
],
certType: "selfsigned"
}
}
}
chart.value values
jq('.spec.tls.domains[0].main', resource('IngressRouteTCP')).must_equal values[:ingress][:test1][:hosts][0][:host]
jq('.spec.tls.secretName', resource('IngressRouteTCP')).must_equal nil
end
it 'ingressrouteUDP + HTTP +TCP with selfsigned cert is evaluated ' do
values = {
ingress: {
test1: {
type: "TCP",
enabled: true,
hosts: [
{
host: 'hostname'
}
],
certType: "selfsigned"
},
test2: {
enabled: true,
type: "UDP"
},
test2b: {
enabled: true,
type: "HTTP"
}
}
}
chart.value values
jq('.spec.tls.domains[0].main', resource('IngressRouteTCP')).must_equal values[:ingress][:test1][:hosts][0][:host]
jq('.spec.tls.secretName', resource('IngressRouteTCP')).must_equal nil
refute_nil(resource('IngressRouteUDP'))
refute_nil(resource('IngressRouteTCP'))
refute_nil(resource('Ingress'))
end
it 'HTTP-ingressRoute is evaluated ' do
expectedHostString = 'Host(`hostname`)'
values = {
ingress: {
test1: {
type: "HTTP-IR",
enabled: true,
hosts: [
{
host: 'hostname'
}
]
}
}
}
chart.value values
jq('.spec.routes[0].match', resource('IngressRoute')).must_equal expectedHostString
assert_nil(resource('IngressRouteUDP'))
assert_nil(resource('IngressRouteTCP'))
refute_nil(resource('Ingress'))
refute_nil(resource('IngressRoute'))
end
it 'HTTP-ingressRoute with selfsigned cert is evaluated is evaluated ' do
expectedHostString = 'Host(`hostname`)'
values = {
ingress: {
test1: {
type: "HTTP-IR",
enabled: true,
hosts: [
{
host: 'hostname'
}
],
certType: "selfsigned"
}
}
}
chart.value values
jq('.spec.routes[0].match', resource('IngressRoute')).must_equal expectedHostString
assert_nil(resource('IngressRouteUDP'))
assert_nil(resource('IngressRouteTCP'))
refute_nil(resource('Ingress'))
refute_nil(resource('IngressRoute'))
jq('.spec.tls.domains[0].main', resource('IngressRoute')).must_equal values[:ingress][:test1][:hosts][0][:host]
jq('.spec.tls.secretName', resource('IngressRoute')).must_equal nil
end
it 'HTTP-ingressRoute+selfsigned+forwardAuth is evaluated is evaluated ' do
expectedHostString = 'Host(`hostname`)'
expectedName = 'common-test-test1-auth-forward'
values = {
ingress: {
test1: {
type: "HTTP-IR",
enabled: true,
hosts: [
{
host: 'hostname'
}
],
certType: "selfsigned",
authForwardURL: "test.com"
}
}
}
chart.value values
jq('.spec.routes[0].match', resource('IngressRoute')).must_equal expectedHostString
assert_nil(resource('IngressRouteUDP'))
assert_nil(resource('IngressRouteTCP'))
refute_nil(resource('Ingress'))
refute_nil(resource('IngressRoute'))
jq('.spec.tls.domains[0].main', resource('IngressRoute')).must_equal values[:ingress][:test1][:hosts][0][:host]
jq('.spec.tls.secretName', resource('IngressRoute')).must_equal nil
jq('.metadata.name', resource('Middleware')).must_equal expectedName
jq('.spec.routes[0].middlewares[1].name', resource('IngressRoute')).must_equal expectedName
end
end
end end
end end

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
web_portal: web_portal:
@ -170,7 +170,8 @@ questions:
schema: schema:
type: int type: int
default: 6767 default: 6767
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -367,15 +368,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -386,6 +386,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -438,27 +468,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
web_portal: web_portal:
@ -170,7 +170,8 @@ questions:
schema: schema:
type: int type: int
default: 8083 default: 8083
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -310,15 +311,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -329,6 +329,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -381,27 +411,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -41,7 +41,7 @@ persistence:
# skipuninstall: false # skipuninstall: false
# existingClaim: "" # existingClaim: ""
appIngressEnabled: false
appVolumeMounts: appVolumeMounts:

View File

@ -41,7 +41,7 @@ persistence:
# skipuninstall: false # skipuninstall: false
# existingClaim: "" # existingClaim: ""
appIngressEnabled: false
#appVolumeMounts: #appVolumeMounts:

View File

@ -7,7 +7,7 @@ groups:
description: "Network Configuration" description: "Network Configuration"
- name: "Environment Variables" - name: "Environment Variables"
description: "Environment Variables Configuration" description: "Environment Variables Configuration"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
@ -166,7 +166,8 @@ questions:
schema: schema:
type: int type: int
default: 9980 default: 9980
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -224,13 +225,13 @@ questions:
default: 'collabora\.domain\.tld' default: 'collabora\.domain\.tld'
# Reverse Proxy # Reverse Proxy
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Reverse Proxy" group: "Reverse Proxy"
schema: schema:
@ -243,6 +244,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -295,27 +326,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -7,7 +7,7 @@ groups:
description: "network / service configuration" description: "network / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
@ -178,7 +178,8 @@ questions:
schema: schema:
type: int type: int
default: 8112 default: 8112
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -240,7 +241,8 @@ questions:
schema: schema:
type: int type: int
default: 51413 default: 51413
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -302,7 +304,8 @@ questions:
schema: schema:
type: int type: int
default: 51413 default: 51413
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -435,15 +438,14 @@ questions:
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -454,6 +456,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -506,27 +538,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:
@ -534,7 +560,6 @@ questions:
default: "" default: ""
- variable: tcp - variable: tcp
label: "TCP Reverse Proxy Configuration" label: "TCP Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -552,9 +577,28 @@ questions:
default: "TCP" default: "TCP"
required: true required: true
editable: false editable: false
enum: hidden: true
- value: "TCP" - variable: serviceName
description: "Plain TCP Connections" label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -564,18 +608,9 @@ questions:
enum: enum:
- value: "torrent-tcp" - value: "torrent-tcp"
description: "Torrent-TCP: port 51413" description: "Torrent-TCP: port 51413"
- variable: certType
label: "Select Certificate Type"
schema:
editable: false
type: string
default: ""
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- variable: udp - variable: udp
label: "UDP Reverse Proxy Configuration" label: "UDP Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -593,9 +628,28 @@ questions:
default: "UDP" default: "UDP"
required: true required: true
editable: false editable: false
enum: hidden: true
- value: "UDP" - variable: serviceName
description: "Plain UDP Connections" label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:

View File

@ -59,7 +59,7 @@ env: {}
# UMASK_SET: "022" # UMASK_SET: "022"
# DELUGE_LOGLEVEL: "error" # DELUGE_LOGLEVEL: "error"
appIngressEnabled: false
appVolumeMounts: appVolumeMounts:
config: config:

View File

@ -59,7 +59,7 @@ env: {}
# UMASK_SET: "022" # UMASK_SET: "022"
# DELUGE_LOGLEVEL: "error" # DELUGE_LOGLEVEL: "error"
appIngressEnabled: false
# appVolumeMounts: # appVolumeMounts:
# config: # config:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
@ -188,7 +188,8 @@ questions:
schema: schema:
type: int type: int
default: 6052 default: 6052
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -261,15 +262,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -280,6 +280,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -332,27 +362,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
web_portal: web_portal:
@ -170,7 +170,8 @@ questions:
schema: schema:
type: int type: int
default: 80 default: 80
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -254,15 +255,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -273,6 +273,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -325,27 +355,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -23,7 +23,7 @@ persistence:
enabled: false enabled: false
emptyDir: false emptyDir: false
appIngressEnabled: false
appVolumeMounts: appVolumeMounts:

View File

@ -23,7 +23,7 @@ persistence:
enabled: false enabled: false
emptyDir: false emptyDir: false
appIngressEnabled: false
#appVolumeMounts: #appVolumeMounts:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
web_portal: web_portal:
@ -170,7 +170,8 @@ questions:
schema: schema:
type: int type: int
default: 8484 default: 8484
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -255,15 +256,14 @@ questions:
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -274,6 +274,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -326,27 +356,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -22,7 +22,7 @@ persistence:
emptyDir: false emptyDir: false
mountPath: /usr/data mountPath: /usr/data
appIngressEnabled: false
appVolumeMounts: appVolumeMounts:

View File

@ -21,5 +21,3 @@ persistence:
enabled: false enabled: false
emptyDir: false emptyDir: false
mountPath: /usr/data mountPath: /usr/data
appIngressEnabled: false

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
web_portal: web_portal:
@ -170,7 +170,8 @@ questions:
schema: schema:
type: int type: int
default: 80 default: 80
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -255,15 +256,14 @@ questions:
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -274,6 +274,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -326,27 +356,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -23,7 +23,7 @@ persistence:
enabled: false enabled: false
emptyDir: false emptyDir: false
appIngressEnabled: false
appVolumeMounts: appVolumeMounts:

View File

@ -22,5 +22,3 @@ persistence:
config: config:
enabled: false enabled: false
emptyDir: false emptyDir: false
appIngressEnabled: false

View File

@ -6,7 +6,7 @@ groups:
description: "Container configuration" description: "Container configuration"
- name: "Networking" - name: "Networking"
description: "Network configuration" description: "Network configuration"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
- name: "Services" - name: "Services"
description: "Service configuration" description: "Service configuration"
@ -257,7 +257,8 @@ questions:
schema: schema:
type: int type: int
default: 5800 default: 5800
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -319,7 +320,8 @@ questions:
schema: schema:
type: int type: int
default: 5900 default: 5900
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -606,15 +608,14 @@ questions:
default: "/dev/sr0" default: "/dev/sr0"
required: true required: true
# Reverse Proxy # Reverse Proxy
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -625,6 +626,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -677,27 +708,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
@ -170,7 +170,8 @@ questions:
schema: schema:
type: int type: int
default: 80 default: 80
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -255,15 +256,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -274,6 +274,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -326,27 +356,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -7,7 +7,7 @@ groups:
description: "network / service configuration" description: "network / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
@ -355,7 +355,8 @@ questions:
schema: schema:
type: int type: int
default: 8123 default: 8123
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -366,15 +367,14 @@ questions:
default: 36052 default: 36052
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -385,6 +385,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -437,27 +467,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
@ -170,7 +170,8 @@ questions:
schema: schema:
type: int type: int
default: 9117 default: 9117
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -255,15 +256,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "WebUI"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -274,6 +274,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -326,27 +356,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
@ -170,7 +170,8 @@ questions:
schema: schema:
type: int type: int
default: 8096 default: 8096
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -311,15 +312,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -330,6 +330,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -382,27 +412,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
@ -170,7 +170,8 @@ questions:
schema: schema:
type: int type: int
default: 1688 default: 1688
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -255,15 +256,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: kms - variable: main
label: "KMS Reverse Proxy Configuration" label: "KMS Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -281,9 +281,29 @@ questions:
default: "TCP" default: "TCP"
required: true required: true
editable: false editable: false
enum: hidden: true
- value: "TCP" - variable: serviceName
description: "Plain TCP Connections" label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -293,12 +313,3 @@ questions:
enum: enum:
- value: "kms" - value: "kms"
description: "KMS: port 1688" description: "KMS: port 1688"
- variable: certType
label: "Select Certificate Type"
schema:
editable: false
type: string
default: ""
enum:
- value: ""
description: "No Encryption/TLS/Certificates"

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
@ -171,7 +171,8 @@ questions:
schema: schema:
type: int type: int
default: 5299 default: 5299
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -368,15 +369,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -387,6 +387,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -439,27 +469,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
@ -170,7 +170,8 @@ questions:
schema: schema:
type: int type: int
default: 8686 default: 8686
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -367,15 +368,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -386,6 +386,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -438,27 +468,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
web_portal: web_portal:
@ -170,7 +170,8 @@ questions:
schema: schema:
type: int type: int
default: 80 default: 80
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -366,15 +367,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -385,6 +385,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -437,27 +467,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -70,7 +70,7 @@ persistence:
# skipuninstall: false # skipuninstall: false
# existingClaim: "" # existingClaim: ""
appIngressEnabled: false
appVolumeMounts: appVolumeMounts:

View File

@ -70,7 +70,7 @@ persistence:
# skipuninstall: false # skipuninstall: false
# existingClaim: "" # existingClaim: ""
appIngressEnabled: false
#appVolumeMounts: #appVolumeMounts:

View File

@ -7,7 +7,7 @@ groups:
description: "network / service configuration" description: "network / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
@ -170,7 +170,8 @@ questions:
schema: schema:
type: int type: int
default: 4533 default: 4533
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -312,15 +313,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -331,6 +331,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -383,27 +413,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -57,7 +57,7 @@ persistence:
# existingClaim: "" # existingClaim: ""
appIngressEnabled: false
appVolumeMounts: appVolumeMounts:

View File

@ -57,7 +57,7 @@ persistence:
# existingClaim: "" # existingClaim: ""
appIngressEnabled: false
# appVolumeMounts: # appVolumeMounts:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
@ -170,7 +170,8 @@ questions:
schema: schema:
type: int type: int
default: 1880 default: 1880
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -256,15 +257,14 @@ questions:
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -275,6 +275,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -327,27 +357,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
web_portal: web_portal:
@ -170,7 +170,8 @@ questions:
schema: schema:
type: int type: int
default: 6789 default: 6789
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -310,15 +311,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -329,6 +329,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -381,27 +411,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -52,7 +52,7 @@ persistence:
# skipuninstall: false # skipuninstall: false
# existingClaim: "" # existingClaim: ""
appIngressEnabled: false
appVolumeMounts: appVolumeMounts:
config: config:

View File

@ -52,7 +52,7 @@ persistence:
# skipuninstall: false # skipuninstall: false
# existingClaim: "" # existingClaim: ""
appIngressEnabled: false
# appVolumeMounts: # appVolumeMounts:
# config: # config:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
web_portal: web_portal:
@ -170,7 +170,8 @@ questions:
schema: schema:
type: int type: int
default: 5076 default: 5076
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -310,15 +311,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -329,6 +329,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -381,27 +411,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -59,7 +59,7 @@ persistence:
enabled: false enabled: false
emptyDir: false emptyDir: false
appIngressEnabled: false
appVolumeMounts: appVolumeMounts:

View File

@ -59,7 +59,7 @@ persistence:
enabled: false enabled: false
emptyDir: false emptyDir: false
appIngressEnabled: false
#appVolumeMounts: #appVolumeMounts:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
@ -170,7 +170,8 @@ questions:
schema: schema:
type: int type: int
default: 3579 default: 3579
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -255,15 +256,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -274,6 +274,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -326,27 +356,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
@ -171,7 +171,8 @@ questions:
schema: schema:
type: int type: int
default: 80 default: 80
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -313,15 +314,14 @@ questions:
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -332,6 +332,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -384,27 +414,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
web_portal: web_portal:
@ -160,7 +160,7 @@ questions:
label: "container port" label: "container port"
schema: schema:
type: int type: int
default: 8787 default: 8080
editable: false editable: false
hidden: true hidden: true
- variable: targetport - variable: targetport
@ -168,8 +168,9 @@ questions:
description: "When connecting internally to this App, you'll need this port" description: "When connecting internally to this App, you'll need this port"
schema: schema:
type: int type: int
default: 8787 default: 8080
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -222,7 +223,7 @@ questions:
label: "container port" label: "container port"
schema: schema:
type: int type: int
default: 51413 default: 6881
editable: false editable: false
hidden: true hidden: true
- variable: targetport - variable: targetport
@ -231,7 +232,8 @@ questions:
schema: schema:
type: int type: int
default: 51413 default: 51413
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -284,7 +286,7 @@ questions:
label: "container port" label: "container port"
schema: schema:
type: int type: int
default: 51413 default: 6881
editable: false editable: false
hidden: true hidden: true
- variable: targetport - variable: targetport
@ -293,7 +295,8 @@ questions:
schema: schema:
type: int type: int
default: 51413 default: 51413
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -434,15 +437,14 @@ questions:
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -453,6 +455,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -505,27 +537,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:
@ -533,7 +559,6 @@ questions:
default: "" default: ""
- variable: tcp - variable: tcp
label: "TCP Reverse Proxy Configuration" label: "TCP Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -551,9 +576,28 @@ questions:
default: "TCP" default: "TCP"
required: true required: true
editable: false editable: false
enum: hidden: true
- value: "TCP" - variable: serviceName
description: "Plain TCP Connections" label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -563,18 +607,9 @@ questions:
enum: enum:
- value: "torrent-tcp" - value: "torrent-tcp"
description: "Torrent-TCP: port 51413" description: "Torrent-TCP: port 51413"
- variable: certType
label: "Select Certificate Type"
schema:
editable: false
type: string
default: ""
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- variable: udp - variable: udp
label: "UDP Reverse Proxy Configuration" label: "UDP Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -592,9 +627,28 @@ questions:
default: "UDP" default: "UDP"
required: true required: true
editable: false editable: false
enum: hidden: true
- value: "UDP" - variable: serviceName
description: "Plain UDP Connections" label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:

View File

@ -22,14 +22,14 @@ services:
enabled: true enabled: true
type: ClusterIP type: ClusterIP
port: port:
port: 51413 port: 6881
protocol: TCP protocol: TCP
targetPort: 51413 targetPort: 51413
udp: udp:
enabled: true enabled: true
type: ClusterIP type: ClusterIP
port: port:
port: 51413 port: 6881
protocol: UDP protocol: UDP
targetPort: 51413 targetPort: 51413
@ -85,7 +85,7 @@ additionalVolumeMounts:
- mountPath: /config/custom-cont-init.d - mountPath: /config/custom-cont-init.d
name: qbittorrent-scripts name: qbittorrent-scripts
appIngressEnabled: false
appVolumeMounts: appVolumeMounts:

View File

@ -86,7 +86,7 @@ additionalVolumeMounts:
- mountPath: /config/custom-cont-init.d - mountPath: /config/custom-cont-init.d
name: qbittorrent-scripts name: qbittorrent-scripts
appIngressEnabled: false
#appVolumeMounts: #appVolumeMounts:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
@ -171,7 +171,8 @@ questions:
schema: schema:
type: int type: int
default: 7878 default: 7878
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -368,15 +369,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -387,6 +387,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -439,27 +469,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
web_portal: web_portal:
@ -170,7 +170,8 @@ questions:
schema: schema:
type: int type: int
default: 8787 default: 8787
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -366,15 +367,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -385,6 +385,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -437,27 +467,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -61,7 +61,7 @@ persistence:
# skipuninstall: false # skipuninstall: false
# existingClaim: "" # existingClaim: ""
appIngressEnabled: false
appVolumeMounts: appVolumeMounts:

View File

@ -61,7 +61,7 @@ persistence:
# skipuninstall: false # skipuninstall: false
# existingClaim: "" # existingClaim: ""
appIngressEnabled: false
#appVolumeMounts: #appVolumeMounts:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
web_portal: web_portal:
@ -179,7 +179,8 @@ questions:
schema: schema:
type: int type: int
default: 8080 default: 8080
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -311,15 +312,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -330,6 +330,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -382,27 +412,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -40,7 +40,7 @@ persistence:
# skipuninstall: false # skipuninstall: false
# existingClaim: "" # existingClaim: ""
appIngressEnabled: false
appVolumeMounts: appVolumeMounts:

View File

@ -40,7 +40,7 @@ persistence:
# skipuninstall: false # skipuninstall: false
# existingClaim: "" # existingClaim: ""
appIngressEnabled: false
# appVolumeMounts: # appVolumeMounts:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
@ -180,7 +180,8 @@ questions:
schema: schema:
type: int type: int
default: 8989 default: 8989
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -369,15 +370,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -388,6 +388,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -440,27 +470,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration" description: "Networking / service configuration"
- name: "Storage" - name: "Storage"
description: "configure app volume mounts" description: "configure app volume mounts"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration" description: "Reverse Proxy configuration"
portals: portals:
@ -180,7 +180,8 @@ questions:
schema: schema:
type: int type: int
default: 8181 default: 8181
editable: true editable: false
hidden: true
- variable: nodePort - variable: nodePort
label: "(optional) host nodePort to expose to" label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected" description: "only get used when nodePort is selected"
@ -257,15 +258,14 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress - variable: ingress
label: "" label: ""
group: "Ingress" group: "Reverse Proxy Configuration"
schema: schema:
type: dict type: dict
attrs: attrs:
- variable: webui - variable: main
label: "Web Reverse Proxy Configuration" label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema: schema:
type: dict type: dict
attrs: attrs:
@ -276,6 +276,36 @@ questions:
default: false default: false
show_subquestions_if: true show_subquestions_if: true
subquestions: subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint - variable: entrypoint
label: "Select Entrypoint" label: "Select Entrypoint"
schema: schema:
@ -328,27 +358,21 @@ questions:
label: "Select Certificate Type" label: "Select Certificate Type"
schema: schema:
type: string type: string
default: "letsencrypt-prod" default: "selfsigned"
enum: enum:
- value: "" - value: ""
description: "No Encryption/TLS/Certificates" description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned" - value: "selfsigned"
description: "Self-Signed Certificate" description: "Self-Signed Certificate"
- value: "existingcert" - value: "ixcert"
description: "Existing Certificate" description: "TrueNAS SCALE Certificate"
show_subquestions_if: "existingcert" - variable: certificate
subquestions: label: "Select TrueNAS SCALE Certificate"
- variable: existingcert schema:
label: "Existing Certificate Name" type: int
schema: show_if: [["certType", "=", "ixcert"]]
type: string $ref:
default: "" - "definitions/certificate"
- variable: authForwardURL - variable: authForwardURL
label: "Forward Authentication URL" label: "Forward Authentication URL"
schema: schema:

View File

@ -19,8 +19,8 @@ groups:
description: "Configure when pod should be restarted in case of failure" description: "Configure when pod should be restarted in case of failure"
- name: "Resource Reservation" - name: "Resource Reservation"
description: "Specify resources to be allocated to workload" description: "Specify resources to be allocated to workload"
- name: "Ingress" - name: "Reverse Proxy Configuration"
description: "Configure Reverse Proxy" description: "Reverse Proxy configuration"
- name: "Certmanager Settings" - name: "Certmanager Settings"
description: "Configure Certmanager" description: "Configure Certmanager"
- name: "WARNING" - name: "WARNING"
@ -57,7 +57,7 @@ questions:
label: "Image Tag" label: "Image Tag"
schema: schema:
type: string type: string
default: "2.4.2" default: "2.4.6"
- variable: pullPolicy - variable: pullPolicy
description: "Docker Image Pull Policy" description: "Docker Image Pull Policy"
label: "Image Pull Policy" label: "Image Pull Policy"
@ -108,15 +108,138 @@ questions:
default: "002" default: "002"
- variable: ingress
label: ""
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: main
label: "WebUI"
schema:
type: dict
attrs:
- variable: enabled
label: "Enable Web Reverse Proxy"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP-IR"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: "api@internal"
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: "TraefikService"
- variable: entrypoint
label: "Select Entrypoint"
schema:
type: string
default: "websecure"
required: true
enum:
- value: "websecure"
description: "Websecure: HTTPS/TLS port 443"
- variable: hosts
label: "Hosts"
schema:
type: list
default: []
items:
- variable: host
label: "Host"
schema:
type: dict
attrs:
- variable: host
label: "Domain Name"
required: true
schema:
type: string
- variable: paths
label: "paths"
schema:
type: list
default: []
items:
- variable: path
label: "Path"
schema:
type: dict
attrs:
- variable: path
label: "path"
schema:
type: string
required: true
default: "/"
- variable: pathType
label: "pathType"
schema:
type: string
required: true
default: "prefix"
- variable: certType
label: "Select Certificate Type"
schema:
type: string
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:
type: string
default: ""
## TrueCharts Specific
- variable: appVolumeMounts - variable: appVolumeMounts
label: "app storage" label: "app storage"
group: "Storage" group: "Storage"
schema: schema:
type: dict type: dict
attrs: attrs:
# Config ------------------------ # Data ------------------------
- variable: data - variable: data
label: "Data Dataset" label: "data dataset"
schema: schema:
type: dict type: dict
$ref: $ref:
@ -130,6 +253,13 @@ questions:
required: true required: true
hidden: true hidden: true
editable: false editable: false
- variable: setPermissions
label: "Automatic Permissions"
description: "Automatically set permissions on install"
schema:
type: boolean
default: true
hidden: false
- variable: emptyDir - variable: emptyDir
label: "emptyDir" label: "emptyDir"
schema: schema:
@ -165,330 +295,6 @@ questions:
type: hostpath type: hostpath
required: true required: true
- variable: appIngress
label: ""
group: "Ingress"
schema:
type: dict
attrs:
- variable: webui
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
- variable: enabled
label: "Enable Web Reverse Proxy"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: entrypoint
label: "Select Entrypoint"
schema:
type: string
default: "websecure"
required: true
enum:
- value: "websecure"
description: "Websecure: HTTPS/TLS port 443"
- variable: host
label: "Host"
required: true
schema:
type: string
- variable: certType
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
show_if: [["certType", "=", "existingcert"]]
default: ""
- variable: authForwardURL
label: "Forward Authentication URL"
schema:
type: string
default: ""
- variable: certmanager
description: "Configure CertManager Settings"
label: "CertManager Settings"
group: "Certmanager Settings"
schema:
type: dict
required: true
attrs:
- variable: provider
description: "Select the CertManager provider to use"
label: "CertManager Provider"
schema:
type: string
default: ""
enum:
- value: ""
description: "none"
- value: "cloudflare"
description: "Cloudflare"
- value: "cloudDNS"
description: "Google cloudDNS"
- value: "route53"
description: "Route53"
- value: "digitalocean"
description: "Digitalocean"
- value: "rfc2136"
description: "rfc2136"
- value: "azureDNS"
description: "AzureDNS"
- value: "akamai"
description: "Akamai"
- value: "acmeDNS"
description: "acmeDNS"
- variable: email
description: "Email Adress to use with Letsencrypt"
label: "Email-Adress"
schema:
show_if: [["provider", "!=", ""]]
type: string
default: ""
required: true
- variable: wildcardDomain
description: "Enter Domain name here, if you want to setup a global wildcard-domain"
label: "Wildcard Domain"
schema:
show_if: [["provider", "!=", ""]]
type: string
default: ""
- variable: cloudflare
description: "Configure Cloudflare Settings"
label: "Cloudflare Settings"
schema:
show_if: [["provider", "=", "cloudflare"]]
type: dict
required: true
attrs:
- variable: apikey
description: "Enter your Cloudflare API-Key"
label: "API-Key"
schema:
type: string
default: ""
required: true
- variable: cloudDNS
description: "Configure Google cloudDNS Settings"
label: "Google cloudDNS Settings"
schema:
type: dict
show_if: [["provider", "=", "cloudDNS"]]
required: true
attrs:
- variable: project
description: "Enter your Google cloudDNS Project Name"
label: "Project"
schema:
type: string
default: ""
required: true
- variable: keyjson
description: "Enter your Google cloudDNS JSON Key"
label: "Key-JSON"
schema:
type: string
default: ""
required: true
- variable: route53
description: "Configure Route53 Settings"
label: "Route53 Settings"
schema:
type: dict
show_if: [["provider", "=", "route53"]]
required: true
attrs:
- variable: region
description: "Enter your Route53 Region"
label: "Region"
schema:
type: string
default: ""
required: true
- variable: accessKeyID
description: "Enter your Route53 accessKeyID"
label: "accessKeyID"
schema:
type: string
default: ""
required: true
- variable: secretaccesskey
description: "Enter your Route53 secretaccesskey"
label: "Secretaccesskey"
schema:
type: string
default: ""
required: true
- variable: digitalocean
description: "Configure Digitalocean Settings"
label: "Digitalocean Settings"
schema:
type: dict
show_if: [["provider", "=", "digitalocean"]]
required: true
attrs:
- variable: accesstoken
description: "Enter your Digitalocean Access Token"
label: "Access Token"
schema:
type: string
default: ""
required: true
- variable: rfc2136
description: "Configure rfc2136 Settings"
label: "rfc2136 Settings"
schema:
type: dict
show_if: [["provider", "=", "rfc2136"]]
required: true
attrs:
- variable: nameserver
description: "Enter your rfc2136 Nameserver"
label: "Nameserver"
schema:
type: string
default: ""
required: true
- variable: tsigKeyName
description: "Enter your rfc2136 tsigKeyName"
label: "tsigKeyName"
schema:
type: string
default: ""
required: true
- variable: tsigsecretkey
description: "Enter your rfc2136 tsigsecretkey"
label: "tsigsecretkey"
schema:
type: string
default: ""
required: true
- variable: tsigAlgorithm
description: "Enter your rfc2136 tsigAlgorithm"
label: "tsigAlgorithm"
schema:
type: string
default: ""
required: true
- variable: azureDNS
description: "Configure AzureDNS Settings"
label: "AzureDNS Settings"
schema:
type: dict
show_if: [["provider", "=", "azureDNS"]]
required: true
attrs:
- variable: environment
description: "Enter your AzureDNS environment"
label: "environment"
schema:
type: string
default: ""
required: true
- variable: subscriptionID
description: "Enter your AzureDNS subscriptionID"
label: "subscriptionID"
schema:
type: string
default: ""
required: true
- variable: resourceGroupName
description: "Enter your AzureDNS resourceGroupName"
label: "resourceGroupName"
schema:
type: string
default: ""
required: true
- variable: hostedZoneName
description: "Enter your AzureDNS hostedZoneName"
label: "hostedZoneName"
schema:
type: string
default: ""
required: true
- variable: akamai
description: "Configure Akamai Settings"
label: "Akamai Settings"
schema:
type: dict
show_if: [["provider", "=", "akamai"]]
required: true
attrs:
- variable: serviceConsumerDomain
description: "Enter your Akamai serviceConsumerDomain"
label: "serviceConsumerDomain"
schema:
type: string
default: ""
required: true
- variable: clientToken
description: "Enter your Akamai clientToken"
label: "clientToken"
schema:
type: string
default: ""
required: true
- variable: clientSecret
description: "Enter your Akamai clientSecret"
label: "clientSecret"
schema:
type: string
default: ""
required: true
- variable: accessToken
description: "Enter your Akamai accessToken"
label: "accessToken"
schema:
type: string
default: ""
required: true
- variable: acmeDNS
description: "Configure acmeDNS Settings"
label: "acmeDNS Settings"
schema:
type: dict
show_if: [["provider", "=", "acmeDNS"]]
required: true
attrs:
- variable: host
description: "Enter your acmeDNS host"
label: "host"
schema:
type: string
default: ""
required: true
- variable: apikey
description: "Enter your acmeDNS acmednsjson"
label: "acmednsjson"
schema:
type: string
default: ""
required: true
- variable: warning - variable: warning
label: "This App binds to the same ports as TrueNAS SCALE UI: 80 and 443" label: "This App binds to the same ports as TrueNAS SCALE UI: 80 and 443"
description: "Please be sure to set the UI to a different port or adapter" description: "Please be sure to set the UI to a different port or adapter"

View File

@ -72,12 +72,14 @@
{{- toYaml . | nindent 10 }} {{- toYaml . | nindent 10 }}
{{- end }} {{- end }}
volumeMounts: volumeMounts:
{{- include "configuredAppVolumeMounts" . | indent 10 }} {{- include "common.storage.allContainerVolumeMounts" . | indent 10 }}
#- name: data {{- if .Values.persistence.enabled }}
# mountPath: {{ .Values.persistence.path }} - name: {{ .Values.persistence.name }}
# {{- if .Values.persistence.subPath }} mountPath: {{ .Values.persistence.path }}
# subPath: {{ .Values.persistence.subPath }} {{- if .Values.persistence.subPath }}
# {{- end }} subPath: {{ .Values.persistence.subPath }}
{{- end }}
{{- end }}
- name: tmp - name: tmp
mountPath: /tmp mountPath: /tmp
{{- $root := . }} {{- $root := . }}
@ -207,27 +209,29 @@
{{- toYaml .Values.deployment.additionalContainers | nindent 6 }} {{- toYaml .Values.deployment.additionalContainers | nindent 6 }}
{{- end }} {{- end }}
volumes: volumes:
{{- include "configuredAppVolumes" . | indent 8 }} {{- if .Values.appVolumeMounts }}
#- name: data {{- include "common.storage.allAppVolumes" . | indent 8 }}
# {{- if .Values.persistence.enabled }} {{- else if .Values.persistence.enabled }}
# persistentVolumeClaim: - name: data
# claimName: {{ default (include "traefik.fullname" .) .Values.persistence.existingClaim }} persistentVolumeClaim:
# {{- else }} claimName: {{ default (include "traefik.fullname" .) .Values.persistence.existingClaim }}
# emptyDir: {} {{- else }}
# {{- end }} - name: data
emptyDir: {}
{{- end }}
- name: tmp - name: tmp
emptyDir: {} emptyDir: {}
#{{- $root := . }} {{- $root := . }}
#{{- range .Values.volumes }} {{- range .Values.volumes }}
#- name: {{ tpl (.name) $root }} - name: {{ tpl (.name) $root }}
# {{- if eq .type "secret" }} {{- if eq .type "secret" }}
# secret: secret:
# secretName: {{ tpl (.name) $root }} secretName: {{ tpl (.name) $root }}
# {{- else if eq .type "configMap" }} {{- else if eq .type "configMap" }}
# configMap: configMap:
# name: {{ tpl (.name) $root }} name: {{ tpl (.name) $root }}
# {{- end }} {{- end }}
#{{- end }} {{- end }}
{{- if .Values.deployment.additionalVolumes }} {{- if .Values.deployment.additionalVolumes }}
{{- toYaml .Values.deployment.additionalVolumes | nindent 8 }} {{- toYaml .Values.deployment.additionalVolumes | nindent 8 }}
{{- end }} {{- end }}

View File

@ -1,52 +0,0 @@
{{/*
Retrieve host path from ix volumes based on dataset name
*/}}
{{- define "retrieveHostPathFromiXVolume" -}}
{{- range $index, $hostPathConfiguration := $.ixVolumes }}
{{- $dsName := base $hostPathConfiguration.hostPath -}}
{{- if eq $.datasetName $dsName -}}
{{- $hostPathConfiguration.hostPath -}}
{{- end }}
{{- end }}
{{- end -}}
{{/*
Define appVolumeMounts for container
*/}}
{{- define "configuredAppVolumeMounts" -}}
{{- if and .Values.appVolumesEnabled .Values.appVolumeMounts }}
{{- range $name, $avm := .Values.appVolumeMounts -}}
{{- if $avm.enabled }}
- name: {{ $name }}
mountPath: {{ $avm.mountPath }}
{{- if $avm.subPath }}
subPath: {{ $avm.subPath }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end -}}
{{/*
Define hostPath for appVolumes
*/}}
{{- define "configuredAppVolumes" -}}
{{- if and .Values.appVolumesEnabled .Values.appVolumeMounts }}
{{- range $name, $av := .Values.appVolumeMounts -}}
{{- if $av.enabled }}
- name: {{ $name }}
{{- if or $av.emptyDir $.Values.emptyDirVolumes }}
emptyDir: {}
{{- else }}
hostPath:
{{ if $av.hostPathEnabled }}
path: {{ required "hostPath not set" $av.hostPath }}
{{- else }}
{{- $volDict := dict "datasetName" $av.datasetName "ixVolumes" $.Values.ixVolumes -}}
path: {{ include "retrieveHostPathFromiXVolume" $volDict }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end -}}

View File

@ -1,69 +1 @@
{{- if .Values.appIngress.webui.enabled -}} {{ include "common.ingress" . }}
{{- if .Values.appIngress.webui.host -}}
{{- if or (eq .Values.appIngress.webui.certType "letsencrypt-prod") (eq .Values.appIngress.webui.certType "letsencrypt-staging") }}
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: {{ .Release.Name }}
annotations:
# hooks are defined here
"helm.sh/hook": post-install,post-upgrade
"helm.sh/hook-weight": "10"
"helm.sh/hook-delete-policy": before-hook-creation
spec:
commonName: {{ .Values.appIngress.webui.host }}
secretName: {{ .Release.Name }}
dnsNames:
- {{ .Values.appIngress.webui.host }}
issuerRef:
name: letsencrypt-prod
kind: ClusterIssuer
group: cert-manager.io
---
{{- end }}
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: {{ .Release.Name }}
spec:
entryPoints:
- {{ .Values.appIngress.webui.entrypoint }}
routes:
- kind: Rule
match: Host(`{{ .Values.appIngress.webui.host }}`)
services:
- name: api@internal # The internal name of the Dashboard for Traefik
kind: TraefikService
middlewares:
- name: traefik-middlewares-chain-public@kubernetescrd
{{- if .Values.appIngress.webui.authForwardUrl -}}
- name: {{ .Release.Name }}-auth-forward
{{- end }}
{{- if .Values.appIngress.webui.certType }}
tls: {{- if eq .Values.appIngress.webui.certType "selfsigned" -}}[]{{ else if eq .Values.appIngress.webui.certType "existingcert" }}
secretName: {{ .Values.appIngress.webui.existingCert }}
{{- else if eq .Values.appIngress.webui.certType "wildcard" -}}
secretName: wildcardcert
{{ else }}
secretName: {{ .Release.Name }}
{{- end }}
{{- end }}
{{- if .Values.appIngress.webui.authForwardUrl -}}
---
# Forward authentication
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: {{ .Release.Name }}-auth-forward
spec:
forwardAuth:
address: '{{ .Values.appIngress.webui.authForwardUrl }}'
trustForwardHeader: true
authResponseHeaders:
- Remote-User
- Remote-Groups
- Remote-Name
- Remote-Email
{{- end }}
{{- end }}
{{- end }}

View File

@ -1,197 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: dns-secrets
#namespace: cert-manager
type: Opaque
stringData:
{{- if eq .Values.certmanager.provider "cloudflare" }}
api-key: {{ .Values.certmanager.cloudflare.apikey | quote }}
{{- else if eq .Values.certmanager.provider "cloudDNS" }}
key-json: {{ .Values.certmanager.cloudDNS.keyjson | quote }}
{{- else if eq .Values.certmanager.provider "route53" }}
secret-access-key: {{ .Values.certmanager.route53.secretaccesskey | quote }}
{{- else if eq .Values.certmanager.provider "digitalocean" }}
access-token: {{ .Values.certmanager.digitalocean.accesstoken | quote }}
{{- else if eq .Values.certmanager.provider "rfc2136" }}
rfc2136:
tsig-secret-key: {{ .Values.certmanager.rfc2136.tsigsecretkey | quote }}
{{- else if eq .Values.certmanager.provider "akamai" }}
clientToken: {{ .Values.certmanager.akamai.clientToken| quote }}
clientSecret: {{ .Values.certmanager.akamai.clientSecret| quote }}
accessToken: {{ .Values.certmanager.akamai.accessToken| quote }}
{{- else if eq .Values.certmanager.provider "acmeDNS" }}
acmedns-json: {{ .Values.certmanager.acmeDNS.acmednsjson | quote }}
{{- end }}
---
{{- if .Values.certmanager.email -}}
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
#namespace: default
annotations:
# hooks are defined here
"helm.sh/hook": post-install,post-upgrade
#"helm.sh/hook-weight": "0"
"helm.sh/hook-delete-policy": before-hook-creation
spec:
acme:
# You must replace this email address with your own.
# Let's Encrypt will use this to contact you about expiring
# certificates, and issues related to your account.
email: {{ .Values.certmanager.email }}
server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef:
# Secret resource used to store the account's private key.
name: prod-issuer-account-key
# Add a single challenge solver, DNS01
solvers:
- dns01:
{{- if eq .Values.certmanager.provider "cloudflare" }}
cloudflare:
email: {{ .Values.certmanager.email }}
apiKeySecretRef:
name: dns-secrets
key: api-key
{{- else if eq .Values.certmanager.provider "cloudDNS" }}
cloudDNS:
# The ID of the GCP project
project: {{ .Values.certmanager.cloudDNS.project }}
# This is the secret used to access the service account
serviceAccountSecretRef:
name: dns-secrets
key: key-json
{{- else if eq .Values.certmanager.provider "route53" }}
route53:
region: {{ .Values.certmanager.route53.region }}
accessKeyID: {{ .Values.certmanager.route53.accessKeyID }}
secretAccessKeySecretRef:
name: dns-secrets
key: secret-access-key
# you can also assume a role with these credentials
role: {{ .Values.certmanager.route53.role }}
{{- else if eq .Values.certmanager.provider "digitalocean" }}
digitalocean:
tokenSecretRef:
name: dns-secrets
key: access-token
{{- else if eq .Values.certmanager.provider "rfc2136" }}
rfc2136:
nameserver: {{ .Values.certmanager.rfc2136.nameserver }}
tsigKeyName: {{ .Values.certmanager.rfc2136.tsigKeyName }}
tsigAlgorithm: {{ .Values.certmanager.rfc2136.tsigAlgorithm }}
tsigSecretSecretRef:
name: dns-secrets
key: tsig-secret-key
{{- else if eq .Values.certmanager.provider "azureDNS" }}
azureDNS:
subscriptionID: {{ .Values.certmanager.azureDNS.subscriptionID }}
resourceGroupName: {{ .Values.certmanager.azureDNS.resourceGroupName }}
hostedZoneName: {{ .Values.certmanager.azureDNS.hostedZoneName }}
environment: {{ .Values.certmanager.azureDNS.environment }}
{{- else if eq .Values.certmanager.provider "akamai" }}
akamai:
serviceConsumerDomain: {{ .Values.certmanager.akamai.serviceConsumerDomain }}
clientTokenSecretRef:
name: dns-secrets
key: clientToken
clientSecretSecretRef:
name: dns-secrets
key: clientSecret
accessTokenSecretRef:
name: dns-secrets
key: akamaiaccessToken
{{- else if eq .Values.certmanager.provider "acmeDNS" }}
acmeDNS:
host: {{ .Values.certmanager.acmeDNS.host }}
accountSecretRef:
name: dns-secrets
key: acmedns-json
{{- end }}
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-staging
#namespace: default
annotations:
# hooks are defined here
"helm.sh/hook": post-install,post-upgrade
#"helm.sh/hook-weight": "0"
"helm.sh/hook-delete-policy": before-hook-creation
spec:
acme:
# You must replace this email address with your own.
# Let's Encrypt will use this to contact you about expiring
# certificates, and issues related to your account.
email: {{ .Values.certmanager.email }}
server: https://acme-staging-v02.api.letsencrypt.org/directory
privateKeySecretRef:
# Secret resource used to store the account's private key.
name: staging-issuer-account-key
# Add a single challenge solver, DNS01
solvers:
- dns01:
{{- if eq .Values.certmanager.provider "cloudflare" }}
cloudflare:
email: {{ .Values.certmanager.email }}
apiKeySecretRef:
name: dns-secrets
key: api-key
{{- else if eq .Values.certmanager.provider "cloudDNS" }}
cloudDNS:
# The ID of the GCP project
project: {{ .Values.certmanager.cloudDNS.project }}
# This is the secret used to access the service account
serviceAccountSecretRef:
name: dns-secrets
key: key-json
{{- else if eq .Values.certmanager.provider "route53" }}
route53:
region: {{ .Values.certmanager.route53.region }}
accessKeyID: {{ .Values.certmanager.route53.accessKeyID }}
secretAccessKeySecretRef:
name: dns-secrets
key: secret-access-key
# you can also assume a role with these credentials
role: arn:aws:iam::YYYYYYYYYYYY:role/dns-manager
{{- else if eq .Values.certmanager.provider "digitalocean" }}
digitalocean:
tokenSecretRef:
name: dns-secrets
key: access-token
{{- else if eq .Values.certmanager.provider "rfc2136" }}
rfc2136:
nameserver: {{ .Values.certmanager.rfc2136.nameserver }}
tsigKeyName: {{ .Values.certmanager.rfc2136.tsigKeyName }}
tsigAlgorithm: {{ .Values.certmanager.rfc2136.tsigAlgorithm }}
tsigSecretSecretRef:
name: dns-secrets
key: tsig-secret-key
{{- else if eq .Values.certmanager.provider "azureDNS" }}
azureDNS:
subscriptionID: {{ .Values.certmanager.azureDNS.subscriptionID }}
resourceGroupName: {{ .Values.certmanager.azureDNS.resourceGroupName }}
hostedZoneName: {{ .Values.certmanager.azureDNS.hostedZoneName }}
environment: {{ .Values.certmanager.azureDNS.environment }}
{{- else if eq .Values.certmanager.provider "akamai" }}
akamai:
serviceConsumerDomain: {{ .Values.certmanager.akamai.serviceConsumerDomain }}
clientTokenSecretRef:
name: dns-secrets
key: clientToken
clientSecretSecretRef:
name: dns-secrets
key: clientSecret
accessTokenSecretRef:
name: dns-secrets
key: akamaiaccessToken
{{- else if eq .Values.certmanager.provider "acmeDNS" }}
acmeDNS:
host: {{ .Values.certmanager.acmeDNS.host }}
accountSecretRef:
name: dns-secrets
key: acmedns-json
{{- end }}
{{- end }}

View File

@ -2,7 +2,6 @@ apiVersion: traefik.containo.us/v1alpha1
kind: TLSOption kind: TLSOption
metadata: metadata:
name: default name: default
namespace: default
spec: spec:
minVersion: VersionTLS12 minVersion: VersionTLS12
cipherSuites: cipherSuites:

View File

@ -1,23 +0,0 @@
{{- if .Values.certmanager.wildcardDomain -}}
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: wildcardcert
annotations:
# hooks are defined here
"helm.sh/hook": post-install,post-upgrade
"helm.sh/hook-weight": "10"
"helm.sh/hook-delete-policy": before-hook-creation
reflector.v1.k8s.emberstack.com/secret-reflection-allowed: "true"
reflector.v1.k8s.emberstack.com/secret-reflection-auto-enabled: "true"
spec:
commonName: {{ .Values.certmanager.wildcardDomain }}
secretName: wildcardcert
dnsNames:
- {{ .Values.certmanager.wildcardDomain }}
- '*.{{ .Values.certmanager.wildcardDomain }}'
issuerRef:
name: letsencrypt-prod
kind: ClusterIssuer
group: cert-manager.io
{{- end }}

View File

@ -3,7 +3,7 @@
{{- with .Values.additionalArguments -}} {{- with .Values.additionalArguments -}}
{{- range . -}} {{- range . -}}
{{- if contains ".acme." . -}} {{- if contains ".acme." . -}}
{{- fail (printf "You can not enabled acme if you set more than one traefik replica") -}} {{- fail (printf "You can not enable acme if you set more than one traefik replica") -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}

View File

@ -82,7 +82,7 @@ experimental:
# Create an IngressRoute for the dashboard # Create an IngressRoute for the dashboard
ingressRoute: ingressRoute:
dashboard: dashboard:
enabled: true enabled: false
# Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class) # Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
annotations: {} annotations: {}
# Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels) # Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
@ -442,12 +442,12 @@ autoscaling:
persistence: persistence:
enabled: false enabled: false
# existingClaim: "" # existingClaim: ""
accessMode: ReadWriteOnce #accessMode: ReadWriteOnce
size: 128Mi #size: 128Mi
# storageClass: "" ## storageClass: ""
path: /data #path: /data
annotations: {} #annotations: {}
# subPath: "" # only mount a subpath of the Volume into the pod ## subPath: "" # only mount a subpath of the Volume into the pod
# If hostNetwork is true, runs traefik in the host network namespace # If hostNetwork is true, runs traefik in the host network namespace
# To prevent unschedulabel pods due to port collisions, if hostNetwork=true # To prevent unschedulabel pods due to port collisions, if hostNetwork=true
@ -523,55 +523,20 @@ appVolumeMounts:
emptyDir: true emptyDir: true
mountPath: "/data" mountPath: "/data"
ingress:
dashboard:
appIngress: enabled: true
webui: type: "HTTP-IR"
enabled: false
entrypoint: "websecure" entrypoint: "websecure"
certType: "letsencrypt-prod" certType: "selfsigned"
existingcert: "" serviceName: api@internal
authForwardURL: "" servicePort:
host: "traefik.example.truecharts.org" serviceKind: "TraefikService"
annotations: {}
certmanager: labels: {}
# general hosts:
provider: "" - host: chart-example.local
email: "" paths:
wildcardDomain: "" - path: /
# provider specific # Ignored if not kubeVersion >= 1.14-0
cloudflare: pathType: Prefix
apikey: "placeholder"
cloudDNS:
project: ""
keyjson: "placeholder"
route53:
region: ""
accessKeyID: ""
secretaccesskey: "placeholder"
digitalocean:
accesstoken: "placeholder"
rfc2136:
nameserver: ""
tsigKeyName: ""
tsigAlgorithm: ""
tsigsecretkey: "placeholder"
azureDNS:
environment: ""
subscriptionID: ""
resourceGroupName: ""
hostedZoneName: ""
akamai:
serviceConsumerDomain: ""
clientToken: "placeholder"
clientSecret: "placeholder"
accessToken: "placeholder"
acmeDNS:
host: ""
acmednsjson: "placeholder"
cert-manager:
installCRDs: true
extraArgs:
- --dns01-recursive-nameservers-only
- --dns01-recursive-nameservers=1.1.1.1:53

Some files were not shown because too many files have changed in this diff Show More