Refactor Ingress (#219)

* Refactor Ingress and Add Tests

* New HTTP Ingress UI Layout

* Cleanup plain TCP and all UDP ingress UI's

* Bulk Traefik Changes:

- update traefik
- move storage to common chart
- Remove reflector
- Remove Cert-Manager
- Add http IngressRoute to common
- remove ingress(Route) from traefik
- Cleanup Ingress(Route) to be includable in other charts

* Update common included with all Apps

* Update traefik and addserviceName, servicePort and serviceKind to questions.yaml

* Polish: Auto find port and servicename for ingress, allow override

* Add basic documentation and examples

* Cleanup

* small bugfix

* fix mini mistake in qbittorrent

* Use default torrent port within qbittorrent
This commit is contained in:
Kjeld Schouten-Lebbing 2021-03-05 22:31:02 +01:00 committed by kjeld Schouten-Lebbing
parent d22b481a3f
commit fb8e40c18b
No known key found for this signature in database
GPG Key ID: 4CDAD4A532BC1EDB
134 changed files with 3284 additions and 2073 deletions

270
.github/docs/development/ingress.md vendored Normal file
View File

@ -0,0 +1,270 @@
# Ingress
Ingress is what we call "Reverse Proxy" in the UI and in the user side of the documentation. Please be aware that those refer to the same system. An Ingress is, simply put, just Kubernetes way of connecting outsides to Apps running in containers.
### Ingress Types
We currently support:
- HTTP via Ingres
- HTTP via Traefik IngressRoute (HTTP-IR)
- TCP via Traefik IngressRouteTCP
- UDP via Traefik IngressRouteUDP
From questions.yaml and the UI, these can be changed with selecting another "Type". However: Under the hood IngressRoutes and Ingress are totally different beasts and have a seperate creation process. Errors for Plain HTTP do NOT have to be present in HTTP-IR.
It's also important to note that TCP (and even more so: UDP) have less options available. The example configurations below contain a mostly complete overview of what is currently available and reasonable.
##### Ingress and Services
It's important to know what Ingress does, before you start creating ingresses in questions.yaml. Ingresses send outside Traffic, to a kubernetes Service, which in turn forwards traffic to the actual containers.
This means that every container needs to know how to reach their Service. If they do not, things go wrong.
To ensure this, it's adviced to keep the names of your Ingresses the same as the names of your services. We made sure the ingress would automatically detect (and connect to) the main port of a Service with the same name.
However: In case you need to do this differently, need to connect to additionalServices and/or need to connect to a secondary port, you can manually set both the serviceName and servicePort in questions.yaml. We advice however, to only do so if absolutely necessary!
##### The Main Ingress
The main Ingress and Main service take an important role in our standardisation. Where the main Service is used for healthchecks and the "portal" button, the main Ingress is just used for the portal button.
However: As the maintainers expect new features to be connecting to the main service and main ingress, it will cause problems if you decide to bypass/ignore these.
### Standards/Examples
We try to maintain as much of a standardised questions.yaml format as possible, to ensure (bulk) editing stays as easy as possible.
##### HTTP Ingress
```
- variable: ingress
label: ""
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
label: "Web Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: enabled
label: "Enable Web Reverse Proxy"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# type: int
# default: 80
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
type: string
default: "websecure"
required: true
enum:
- value: "websecure"
description: "Websecure: HTTPS/TLS port 443"
- variable: hosts
label: "Hosts"
schema:
type: list
default: []
items:
- variable: host
label: "Host"
schema:
type: dict
attrs:
- variable: host
label: "Domain Name"
required: true
schema:
type: string
- variable: paths
label: "paths"
schema:
type: list
default: []
items:
- variable: path
label: "Path"
schema:
type: dict
attrs:
- variable: path
label: "path"
schema:
type: string
required: true
default: "/"
- variable: pathType
label: "pathType"
schema:
type: string
required: true
default: "prefix"
- variable: certType
label: "Select Certificate Type"
schema:
type: string
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:
type: string
default: ""
```
##### TCP Ingress
```
- variable: tcp
label: "TCP Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: enabled
label: "Enable TCP Reverse Proxy"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Select Reverse Proxy Type"
schema:
type: string
default: "TCP"
required: true
editable: false
hidden: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# type: int
# default: 80
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
type: string
default: "torrent-tcp"
required: true
enum:
- value: "torrent-tcp"
description: "Torrent-TCP: port 51413"
```
##### UDP Ingress
```
- variable: udp
label: "UDP Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: enabled
label: "Enable UDP Reverse Proxy"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Select Reverse Proxy Type"
schema:
type: string
default: "UDP"
required: true
editable: false
hidden: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# type: int
# default: 80
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
type: string
default: "torrent-udp"
required: true
enum:
- value: "torrent-udp"
description: "Torrent-UDP: port 51413"
```

View File

@ -69,7 +69,8 @@ Please keep in mind that every App is different, some just have one service (whi
schema:
type: int
default: 80
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -133,7 +134,8 @@ in some edgecases users might need or want to have the option to add unlimited c
schema:
type: int
default: 80
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"

24
.github/docs/general/reverse-proxy.md vendored Normal file
View File

@ -0,0 +1,24 @@
# Reverse Proxy
Within TrueCharts our aim is to make it as easy as possible to secure your Apps. To support this we Supply a Traefik "Reverse Proxy", which has been preconfigured to provide secure and fast connections.
To use Traefik as a Reverse Proxy, all you have to do is enable "Reverse Proxy" in the App of your choice and fill out a little form.
### Types of Reverse Proxys
We currently offer the following types of pre-configured reverse proxies:
- HTTP
- HTTP using CRD (Advanced)
- TCP
- UDP
Besides HTTP, all these options, require Traefik to be installed before you enable Reverse Proxy on your App. I many cases, the maintainer of your app has hidden specific settings, like the type of Reverse proxies available, to suit your App.
### Adding Certificates
To add certificates to Apps, we use the TrueNAS SCALE certificate storage. This means you first need to add Certificates to TrueNAS SCALE, after which you can select them when Installing or Editing your App.

2
.gitignore vendored
View File

@ -41,3 +41,5 @@ tests/test-report.txt
tests/test-report.xml
private_values.yaml
temp/
library/common-test/charts/*
Chart.lock

View File

@ -0,0 +1,11 @@
for chart in charts/*; do
if [ -d "${chart}" ]; then
maxfolderversion=$(ls -l ${chart} | grep ^d | awk '{print $9}' | tail -n 1)
chartname=$(basename ${chart})
echo "Processing: ${chart} - folder: ${maxfolderversion} - version: ${maxchartversion}"
if [ "${maxfolderversion}" != "${maxchartversion}" ]; then
rm -Rf ${chart}/${maxfolderversion}/charts/*.tgz
cp -f library/common-test/charts/* ${chart}/${maxfolderversion}/charts/
fi
fi
done

View File

@ -264,5 +264,644 @@ class Test < ChartTest
end
end
describe 'ingress' do
it 'should be disabled when (additional)ingress enabled = false' do
values = {
ingress: {
test1: {
enabled: false
},
test2: {
enabled: false
}
},
additionalIngress: [
{
enabled: false,
name: "test3"
},
{
enabled: false,
name: "test4"
}
]
}
chart.value values
assert_nil(resource('Ingress'))
end
it 'should be enabled when (additional)ingress enabled = true' do
values = {
ingress: {
test1: {
enabled: true
},
test2: {
enabled: true
}
},
additionalIngress: [
{
enabled: true,
name: "test3"
},
{
enabled: true,
name: "test4"
}
]
}
chart.value values
refute_nil(resource('Ingress'))
end
it 'should be not create ingressroute unless type tcp/udp' do
values = {
ingress: {
test1: {
enabled: true
},
test2: {
enabled: true
}
},
additionalIngress: [
{
enabled: true,
name: "test3"
},
{
enabled: true,
name: "test4"
}
]
}
chart.value values
assert_nil(resource('IngressRouteTCP'))
assert_nil(resource('IngressRouteUDP'))
end
it 'should be enabled when half (additional)ingress enabled = true' do
values = {
ingress: {
test1: {
enabled: false
},
test2: {
enabled: true
}
},
additionalIngress: [
{
enabled: false,
name: "test3"
},
{
enabled: true,
name: "test4"
}
]
}
chart.value values
refute_nil(resource('Ingress'))
end
it 'ingress with hosts' do
values = {
ingress: {
test1: {
hosts: [
{
host: 'hostname',
paths: [
{
path: '/'
}
]
}
]
}
}
}
chart.value values
jq('.spec.rules[0].host', resource('Ingress')).must_equal values[:ingress][:test1][:hosts][0][:host]
jq('.spec.rules[0].http.paths[0].path', resource('Ingress')).must_equal values[:ingress][:test1][:hosts][0][:paths][0][:path]
end
it 'ingress with hosts template is evaluated' do
expectedHostName = 'common-test.hostname'
values = {
ingress: {
test1: {
hosts: [
{
hostTpl: '{{ .Release.Name }}.hostname',
paths: [
{
path: '/'
}
]
}
]
}
}
}
chart.value values
jq('.spec.rules[0].host', resource('Ingress')).must_equal expectedHostName
jq('.spec.rules[0].http.paths[0].path', resource('Ingress')).must_equal values[:ingress][:test1][:hosts][0][:paths][0][:path]
end
it 'ingress with hosts and tls' do
values = {
ingress: {
test1: {
enabled: true,
hosts: [
{
host: 'hostname',
paths: [
{
path: '/'
}
]
}
],
tls: [
{
hosts: [ 'hostname' ],
secretName: 'hostname-secret-name'
}
]
}
}
}
chart.value values
jq('.spec.rules[0].host', resource('Ingress')).must_equal values[:ingress][:test1][:hosts][0][:host]
jq('.spec.rules[0].http.paths[0].path', resource('Ingress')).must_equal values[:ingress][:test1][:hosts][0][:paths][0][:path]
jq('.spec.tls[0].hosts[0]', resource('Ingress')).must_equal values[:ingress][:test1][:tls][0][:hosts][0]
jq('.spec.tls[0].secretName', resource('Ingress')).must_equal values[:ingress][:test1][:tls][0][:secretName]
end
it 'ingress with tls template is evaluated' do
expectedHostName = 'common-test.hostname'
expectedSecretName = 'common-test-hostname-secret-name'
values = {
ingress: {
test1: {
enabled: true,
tls: [
{
hostsTpl: [ '{{ .Release.Name }}.hostname' ],
secretNameTpl: '{{ .Release.Name }}-hostname-secret-name'
}
]
}
}
}
chart.value values
jq('.spec.tls[0].hosts[0]', resource('Ingress')).must_equal expectedHostName
jq('.spec.tls[0].secretName', resource('Ingress')).must_equal expectedSecretName
end
it 'ingress with hosts and tls template is evaluated' do
expectedHostName = 'common-test.hostname'
expectedSecretName = 'common-test-hostname-secret-name'
values = {
ingress: {
test1: {
enabled: true,
hosts: [
{
hostTpl: '{{ .Release.Name }}.hostname',
paths: [
{
path: '/'
}
]
}
],
tls: [
{
hostsTpl: [ '{{ .Release.Name }}.hostname' ],
secretNameTpl: '{{ .Release.Name }}-hostname-secret-name'
}
]
}
}
}
chart.value values
jq('.spec.rules[0].host', resource('Ingress')).must_equal expectedHostName
jq('.spec.rules[0].http.paths[0].path', resource('Ingress')).must_equal values[:ingress][:test1][:hosts][0][:paths][0][:path]
jq('.spec.tls[0].hosts[0]', resource('Ingress')).must_equal expectedHostName
jq('.spec.tls[0].secretName', resource('Ingress')).must_equal expectedSecretName
end
it 'ingress with selfsigned certtype is evaluated' do
expectedHostName = 'common-test.hostname'
expectedSecretName = 'common-test-hostname-secret-name'
values = {
ingress: {
test1: {
enabled: true,
hosts: [
{
host: 'hostname',
paths: [
{
path: '/'
}
]
}
],
certType: "selfsigned"
}
}
}
chart.value values
jq('.spec.rules[0].host', resource('Ingress')).must_equal values[:ingress][:test1][:hosts][0][:host]
jq('.spec.rules[0].http.paths[0].path', resource('Ingress')).must_equal values[:ingress][:test1][:hosts][0][:paths][0][:path]
jq('.spec.tls[0].hosts[0]', resource('Ingress')).must_equal values[:ingress][:test1][:hosts][0][:host]
jq('.spec.tls[0].secretName', resource('Ingress')).must_equal nil
end
it 'should create when type = HTTP' do
values = {
ingress: {
test1: {
enabled: true,
type: "HTTP"
},
test2: {
enabled: false
}
},
additionalIngress: [
{
enabled: false,
name: "test3"
},
{
enabled: false,
name: "test4"
}
]
}
chart.value values
refute_nil(resource('Ingress'))
end
it 'check no middleware without traefik' do
values = {
ingress: {
test1: {
enabled: true
}
}
}
chart.value values
assert_nil(resource('Middleware'))
end
it 'check authForward when authForwardURL is set' do
expectedName = 'common-test-test1-auth-forward'
values = {
ingress: {
test1: {
enabled: true,
authForwardURL: "test.test.com"
}
}
}
chart.value values
refute_nil(resource('Middleware'))
jq('.spec.forwardAuth.address', resource('Middleware')).must_equal values[:ingress][:test1][:authForwardURL]
jq('.metadata.name', resource('Middleware')).must_equal expectedName
end
end
describe 'ingressRoutes' do
it 'should create only TCP when type = TCP' do
values = {
ingress: {
test1: {
enabled: true,
type: "TCP"
},
test2: {
enabled: false
}
},
additionalIngress: [
{
enabled: false,
name: "test3"
},
{
enabled: false,
name: "test4"
}
]
}
chart.value values
refute_nil(resource('IngressRouteTCP'))
assert_nil(resource('IngressRouteUDP'))
end
it 'should create only UDP when type = UDP' do
values = {
ingress: {
test1: {
enabled: true,
type: "UDP"
},
test2: {
enabled: false
}
},
additionalIngress: [
{
enabled: false,
name: "test3"
},
{
enabled: false,
name: "test4"
}
]
}
chart.value values
refute_nil(resource('IngressRouteUDP'))
assert_nil(resource('IngressRouteTCP'))
end
it 'should create only additional TCP when type = TCP' do
values = {
ingress: {
test1: {
enabled: false
},
test2: {
enabled: false
}
},
additionalIngress: [
{
enabled: true,
name: "test3",
type: "TCP"
},
{
enabled: false,
name: "test4"
}
]
}
chart.value values
refute_nil(resource('IngressRouteTCP'))
assert_nil(resource('IngressRouteUDP'))
end
it 'should create only additional UDP when type = UDP' do
values = {
ingress: {
test1: {
enabled: false
},
test2: {
enabled: false
}
},
additionalIngress: {
test3: {
enabled: true,
type: "UDP"
},
test4: {
enabled: false
}
}
}
chart.value values
refute_nil(resource('IngressRouteUDP'))
assert_nil(resource('IngressRouteTCP'))
end
it 'should be able to create 3 ingress types' do
values = {
ingress: {
test1: {
enabled: true,
type: "UDP"
},
test2: {
enabled: true,
type: "TCP"
},
test2b: {
enabled: true,
type: "HTTP"
}
},
additionalIngress: [
{
enabled: false,
name: "test3"
},
{
enabled: false,
name: "test4"
}
]
}
chart.value values
refute_nil(resource('IngressRouteUDP'))
refute_nil(resource('IngressRouteTCP'))
refute_nil(resource('Ingress'))
end
it 'should be able to create 3 additional ingress types' do
values = {
ingress: {
test1: {
enabled: false,
type: "UDP"
},
test2: {
enabled: false,
type: "TCP"
},
test2b: {
enabled: false,
type: "HTTP"
}
},
additionalIngress: [
{
enabled: true,
type: "HTTP",
name: "test3"
},
{
enabled: true,
type: "TCP",
name: "test4"
},
{
enabled: true,
type: "UDP",
name: "test5"
}
]
}
chart.value values
refute_nil(resource('IngressRouteUDP'))
refute_nil(resource('IngressRouteTCP'))
refute_nil(resource('Ingress'))
end
it 'ingressroute with selfsigned certtype is evaluated' do
values = {
ingress: {
test1: {
type: "TCP",
enabled: true,
hosts: [
{
host: 'hostname'
}
],
certType: "selfsigned"
}
}
}
chart.value values
jq('.spec.tls.domains[0].main', resource('IngressRouteTCP')).must_equal values[:ingress][:test1][:hosts][0][:host]
jq('.spec.tls.secretName', resource('IngressRouteTCP')).must_equal nil
end
it 'ingressrouteUDP + HTTP +TCP with selfsigned cert is evaluated ' do
values = {
ingress: {
test1: {
type: "TCP",
enabled: true,
hosts: [
{
host: 'hostname'
}
],
certType: "selfsigned"
},
test2: {
enabled: true,
type: "UDP"
},
test2b: {
enabled: true,
type: "HTTP"
}
}
}
chart.value values
jq('.spec.tls.domains[0].main', resource('IngressRouteTCP')).must_equal values[:ingress][:test1][:hosts][0][:host]
jq('.spec.tls.secretName', resource('IngressRouteTCP')).must_equal nil
refute_nil(resource('IngressRouteUDP'))
refute_nil(resource('IngressRouteTCP'))
refute_nil(resource('Ingress'))
end
it 'HTTP-ingressRoute is evaluated ' do
expectedHostString = 'Host(`hostname`)'
values = {
ingress: {
test1: {
type: "HTTP-IR",
enabled: true,
hosts: [
{
host: 'hostname'
}
]
}
}
}
chart.value values
jq('.spec.routes[0].match', resource('IngressRoute')).must_equal expectedHostString
assert_nil(resource('IngressRouteUDP'))
assert_nil(resource('IngressRouteTCP'))
refute_nil(resource('Ingress'))
refute_nil(resource('IngressRoute'))
end
it 'HTTP-ingressRoute with selfsigned cert is evaluated is evaluated ' do
expectedHostString = 'Host(`hostname`)'
values = {
ingress: {
test1: {
type: "HTTP-IR",
enabled: true,
hosts: [
{
host: 'hostname'
}
],
certType: "selfsigned"
}
}
}
chart.value values
jq('.spec.routes[0].match', resource('IngressRoute')).must_equal expectedHostString
assert_nil(resource('IngressRouteUDP'))
assert_nil(resource('IngressRouteTCP'))
refute_nil(resource('Ingress'))
refute_nil(resource('IngressRoute'))
jq('.spec.tls.domains[0].main', resource('IngressRoute')).must_equal values[:ingress][:test1][:hosts][0][:host]
jq('.spec.tls.secretName', resource('IngressRoute')).must_equal nil
end
it 'HTTP-ingressRoute+selfsigned+forwardAuth is evaluated is evaluated ' do
expectedHostString = 'Host(`hostname`)'
expectedName = 'common-test-test1-auth-forward'
values = {
ingress: {
test1: {
type: "HTTP-IR",
enabled: true,
hosts: [
{
host: 'hostname'
}
],
certType: "selfsigned",
authForwardURL: "test.com"
}
}
}
chart.value values
jq('.spec.routes[0].match', resource('IngressRoute')).must_equal expectedHostString
assert_nil(resource('IngressRouteUDP'))
assert_nil(resource('IngressRouteTCP'))
refute_nil(resource('Ingress'))
refute_nil(resource('IngressRoute'))
jq('.spec.tls.domains[0].main', resource('IngressRoute')).must_equal values[:ingress][:test1][:hosts][0][:host]
jq('.spec.tls.secretName', resource('IngressRoute')).must_equal nil
jq('.metadata.name', resource('Middleware')).must_equal expectedName
jq('.spec.routes[0].middlewares[1].name', resource('IngressRoute')).must_equal expectedName
end
end
end
end

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
web_portal:
@ -170,7 +170,8 @@ questions:
schema:
type: int
default: 6767
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -367,15 +368,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -386,6 +386,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -438,27 +468,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
web_portal:
@ -170,7 +170,8 @@ questions:
schema:
type: int
default: 8083
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -310,15 +311,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -329,6 +329,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -381,27 +411,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -41,7 +41,7 @@ persistence:
# skipuninstall: false
# existingClaim: ""
appIngressEnabled: false
appVolumeMounts:

View File

@ -41,7 +41,7 @@ persistence:
# skipuninstall: false
# existingClaim: ""
appIngressEnabled: false
#appVolumeMounts:

View File

@ -7,7 +7,7 @@ groups:
description: "Network Configuration"
- name: "Environment Variables"
description: "Environment Variables Configuration"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
- name: "Storage"
description: "configure app volume mounts"
@ -166,7 +166,8 @@ questions:
schema:
type: int
default: 9980
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -224,13 +225,13 @@ questions:
default: 'collabora\.domain\.tld'
# Reverse Proxy
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Reverse Proxy"
schema:
@ -243,6 +244,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -295,27 +326,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -7,7 +7,7 @@ groups:
description: "network / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
@ -178,7 +178,8 @@ questions:
schema:
type: int
default: 8112
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -240,7 +241,8 @@ questions:
schema:
type: int
default: 51413
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -302,7 +304,8 @@ questions:
schema:
type: int
default: 51413
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -435,15 +438,14 @@ questions:
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -454,6 +456,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -506,27 +538,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:
@ -534,7 +560,6 @@ questions:
default: ""
- variable: tcp
label: "TCP Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -552,9 +577,28 @@ questions:
default: "TCP"
required: true
editable: false
enum:
- value: "TCP"
description: "Plain TCP Connections"
hidden: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -564,18 +608,9 @@ questions:
enum:
- value: "torrent-tcp"
description: "Torrent-TCP: port 51413"
- variable: certType
label: "Select Certificate Type"
schema:
editable: false
type: string
default: ""
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- variable: udp
label: "UDP Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -593,9 +628,28 @@ questions:
default: "UDP"
required: true
editable: false
enum:
- value: "UDP"
description: "Plain UDP Connections"
hidden: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:

View File

@ -59,7 +59,7 @@ env: {}
# UMASK_SET: "022"
# DELUGE_LOGLEVEL: "error"
appIngressEnabled: false
appVolumeMounts:
config:

View File

@ -59,7 +59,7 @@ env: {}
# UMASK_SET: "022"
# DELUGE_LOGLEVEL: "error"
appIngressEnabled: false
# appVolumeMounts:
# config:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
@ -188,7 +188,8 @@ questions:
schema:
type: int
default: 6052
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -261,15 +262,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -280,6 +280,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -332,27 +362,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
web_portal:
@ -170,7 +170,8 @@ questions:
schema:
type: int
default: 80
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -254,15 +255,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -273,6 +273,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -325,27 +355,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -23,7 +23,7 @@ persistence:
enabled: false
emptyDir: false
appIngressEnabled: false
appVolumeMounts:

View File

@ -23,7 +23,7 @@ persistence:
enabled: false
emptyDir: false
appIngressEnabled: false
#appVolumeMounts:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
web_portal:
@ -170,7 +170,8 @@ questions:
schema:
type: int
default: 8484
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -255,15 +256,14 @@ questions:
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -274,6 +274,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -326,27 +356,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -22,7 +22,7 @@ persistence:
emptyDir: false
mountPath: /usr/data
appIngressEnabled: false
appVolumeMounts:

View File

@ -21,5 +21,3 @@ persistence:
enabled: false
emptyDir: false
mountPath: /usr/data
appIngressEnabled: false

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
web_portal:
@ -170,7 +170,8 @@ questions:
schema:
type: int
default: 80
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -255,15 +256,14 @@ questions:
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -274,6 +274,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -326,27 +356,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -23,7 +23,7 @@ persistence:
enabled: false
emptyDir: false
appIngressEnabled: false
appVolumeMounts:

View File

@ -22,5 +22,3 @@ persistence:
config:
enabled: false
emptyDir: false
appIngressEnabled: false

View File

@ -6,7 +6,7 @@ groups:
description: "Container configuration"
- name: "Networking"
description: "Network configuration"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
- name: "Services"
description: "Service configuration"
@ -257,7 +257,8 @@ questions:
schema:
type: int
default: 5800
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -319,7 +320,8 @@ questions:
schema:
type: int
default: 5900
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -606,15 +608,14 @@ questions:
default: "/dev/sr0"
required: true
# Reverse Proxy
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -625,6 +626,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -677,27 +708,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
@ -170,7 +170,8 @@ questions:
schema:
type: int
default: 80
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -255,15 +256,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -274,6 +274,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -326,27 +356,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -7,7 +7,7 @@ groups:
description: "network / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
@ -355,7 +355,8 @@ questions:
schema:
type: int
default: 8123
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -366,15 +367,14 @@ questions:
default: 36052
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -385,6 +385,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -437,27 +467,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
@ -170,7 +170,8 @@ questions:
schema:
type: int
default: 9117
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -255,15 +256,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
label: "Web Reverse Proxy Configuration"
group: "Ingress"
- variable: main
label: "WebUI"
schema:
type: dict
attrs:
@ -274,6 +274,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -326,27 +356,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
@ -170,7 +170,8 @@ questions:
schema:
type: int
default: 8096
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -311,15 +312,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -330,6 +330,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -382,27 +412,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
@ -170,7 +170,8 @@ questions:
schema:
type: int
default: 1688
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -255,15 +256,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: kms
- variable: main
label: "KMS Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -281,9 +281,29 @@ questions:
default: "TCP"
required: true
editable: false
enum:
- value: "TCP"
description: "Plain TCP Connections"
hidden: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -293,12 +313,3 @@ questions:
enum:
- value: "kms"
description: "KMS: port 1688"
- variable: certType
label: "Select Certificate Type"
schema:
editable: false
type: string
default: ""
enum:
- value: ""
description: "No Encryption/TLS/Certificates"

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
@ -171,7 +171,8 @@ questions:
schema:
type: int
default: 5299
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -368,15 +369,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -387,6 +387,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -439,27 +469,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
@ -170,7 +170,8 @@ questions:
schema:
type: int
default: 8686
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -367,15 +368,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -386,6 +386,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -438,27 +468,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
web_portal:
@ -170,7 +170,8 @@ questions:
schema:
type: int
default: 80
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -366,15 +367,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -385,6 +385,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -437,27 +467,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -70,7 +70,7 @@ persistence:
# skipuninstall: false
# existingClaim: ""
appIngressEnabled: false
appVolumeMounts:

View File

@ -70,7 +70,7 @@ persistence:
# skipuninstall: false
# existingClaim: ""
appIngressEnabled: false
#appVolumeMounts:

View File

@ -7,7 +7,7 @@ groups:
description: "network / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
@ -170,7 +170,8 @@ questions:
schema:
type: int
default: 4533
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -312,15 +313,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -331,6 +331,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -383,27 +413,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -57,7 +57,7 @@ persistence:
# existingClaim: ""
appIngressEnabled: false
appVolumeMounts:

View File

@ -57,7 +57,7 @@ persistence:
# existingClaim: ""
appIngressEnabled: false
# appVolumeMounts:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
@ -170,7 +170,8 @@ questions:
schema:
type: int
default: 1880
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -256,15 +257,14 @@ questions:
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -275,6 +275,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -327,27 +357,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
web_portal:
@ -170,7 +170,8 @@ questions:
schema:
type: int
default: 6789
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -310,15 +311,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -329,6 +329,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -381,27 +411,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -52,7 +52,7 @@ persistence:
# skipuninstall: false
# existingClaim: ""
appIngressEnabled: false
appVolumeMounts:
config:

View File

@ -52,7 +52,7 @@ persistence:
# skipuninstall: false
# existingClaim: ""
appIngressEnabled: false
# appVolumeMounts:
# config:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
web_portal:
@ -170,7 +170,8 @@ questions:
schema:
type: int
default: 5076
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -310,15 +311,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -329,6 +329,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -381,27 +411,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -59,7 +59,7 @@ persistence:
enabled: false
emptyDir: false
appIngressEnabled: false
appVolumeMounts:

View File

@ -59,7 +59,7 @@ persistence:
enabled: false
emptyDir: false
appIngressEnabled: false
#appVolumeMounts:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
@ -170,7 +170,8 @@ questions:
schema:
type: int
default: 3579
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -255,15 +256,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -274,6 +274,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -326,27 +356,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
@ -171,7 +171,8 @@ questions:
schema:
type: int
default: 80
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -313,15 +314,14 @@ questions:
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -332,6 +332,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -384,27 +414,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
web_portal:
@ -160,7 +160,7 @@ questions:
label: "container port"
schema:
type: int
default: 8787
default: 8080
editable: false
hidden: true
- variable: targetport
@ -168,8 +168,9 @@ questions:
description: "When connecting internally to this App, you'll need this port"
schema:
type: int
default: 8787
editable: true
default: 8080
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -222,7 +223,7 @@ questions:
label: "container port"
schema:
type: int
default: 51413
default: 6881
editable: false
hidden: true
- variable: targetport
@ -231,7 +232,8 @@ questions:
schema:
type: int
default: 51413
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -284,7 +286,7 @@ questions:
label: "container port"
schema:
type: int
default: 51413
default: 6881
editable: false
hidden: true
- variable: targetport
@ -293,7 +295,8 @@ questions:
schema:
type: int
default: 51413
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -434,15 +437,14 @@ questions:
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -453,6 +455,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -505,27 +537,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:
@ -533,7 +559,6 @@ questions:
default: ""
- variable: tcp
label: "TCP Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -551,9 +576,28 @@ questions:
default: "TCP"
required: true
editable: false
enum:
- value: "TCP"
description: "Plain TCP Connections"
hidden: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -563,18 +607,9 @@ questions:
enum:
- value: "torrent-tcp"
description: "Torrent-TCP: port 51413"
- variable: certType
label: "Select Certificate Type"
schema:
editable: false
type: string
default: ""
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- variable: udp
label: "UDP Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -592,9 +627,28 @@ questions:
default: "UDP"
required: true
editable: false
enum:
- value: "UDP"
description: "Plain UDP Connections"
hidden: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:

View File

@ -22,14 +22,14 @@ services:
enabled: true
type: ClusterIP
port:
port: 51413
port: 6881
protocol: TCP
targetPort: 51413
udp:
enabled: true
type: ClusterIP
port:
port: 51413
port: 6881
protocol: UDP
targetPort: 51413
@ -85,7 +85,7 @@ additionalVolumeMounts:
- mountPath: /config/custom-cont-init.d
name: qbittorrent-scripts
appIngressEnabled: false
appVolumeMounts:

View File

@ -86,7 +86,7 @@ additionalVolumeMounts:
- mountPath: /config/custom-cont-init.d
name: qbittorrent-scripts
appIngressEnabled: false
#appVolumeMounts:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
@ -171,7 +171,8 @@ questions:
schema:
type: int
default: 7878
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -368,15 +369,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -387,6 +387,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -439,27 +469,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
web_portal:
@ -170,7 +170,8 @@ questions:
schema:
type: int
default: 8787
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -366,15 +367,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -385,6 +385,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -437,27 +467,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -61,7 +61,7 @@ persistence:
# skipuninstall: false
# existingClaim: ""
appIngressEnabled: false
appVolumeMounts:

View File

@ -61,7 +61,7 @@ persistence:
# skipuninstall: false
# existingClaim: ""
appIngressEnabled: false
#appVolumeMounts:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
web_portal:
@ -179,7 +179,8 @@ questions:
schema:
type: int
default: 8080
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -311,15 +312,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -330,6 +330,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -382,27 +412,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -40,7 +40,7 @@ persistence:
# skipuninstall: false
# existingClaim: ""
appIngressEnabled: false
appVolumeMounts:

View File

@ -40,7 +40,7 @@ persistence:
# skipuninstall: false
# existingClaim: ""
appIngressEnabled: false
# appVolumeMounts:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
@ -180,7 +180,8 @@ questions:
schema:
type: int
default: 8989
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -369,15 +370,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -388,6 +388,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -440,27 +470,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -7,7 +7,7 @@ groups:
description: "Networking / service configuration"
- name: "Storage"
description: "configure app volume mounts"
- name: "Ingress"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
portals:
@ -180,7 +180,8 @@ questions:
schema:
type: int
default: 8181
editable: true
editable: false
hidden: true
- variable: nodePort
label: "(optional) host nodePort to expose to"
description: "only get used when nodePort is selected"
@ -257,15 +258,14 @@ questions:
type: hostpath
required: true
- variable: appIngress
- variable: ingress
label: ""
group: "Ingress"
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: webui
- variable: main
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
@ -276,6 +276,36 @@ questions:
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: ""
- variable: entrypoint
label: "Select Entrypoint"
schema:
@ -328,27 +358,21 @@ questions:
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
show_subquestions_if: "existingcert"
subquestions:
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
default: ""
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:

View File

@ -19,8 +19,8 @@ groups:
description: "Configure when pod should be restarted in case of failure"
- name: "Resource Reservation"
description: "Specify resources to be allocated to workload"
- name: "Ingress"
description: "Configure Reverse Proxy"
- name: "Reverse Proxy Configuration"
description: "Reverse Proxy configuration"
- name: "Certmanager Settings"
description: "Configure Certmanager"
- name: "WARNING"
@ -57,7 +57,7 @@ questions:
label: "Image Tag"
schema:
type: string
default: "2.4.2"
default: "2.4.6"
- variable: pullPolicy
description: "Docker Image Pull Policy"
label: "Image Pull Policy"
@ -108,15 +108,138 @@ questions:
default: "002"
- variable: ingress
label: ""
group: "Reverse Proxy Configuration"
schema:
type: dict
attrs:
- variable: main
label: "WebUI"
schema:
type: dict
attrs:
- variable: enabled
label: "Enable Web Reverse Proxy"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: type
label: "Reverse Proxy Type"
schema:
type: string
default: "HTTP-IR"
hidden: true
editable: false
required: true
- variable: serviceName
label: "Service name to proxy to"
schema:
hidden: true
editable: false
type: string
default: "api@internal"
# - variable: servicePort
# label: "Service Port to proxy to"
# schema:
# hidden: true
# editable: false
# default: 80
# type: int
# default:
- variable: serviceKind
label: "Service Kind to proxy to"
schema:
hidden: true
editable: false
type: string
default: "TraefikService"
- variable: entrypoint
label: "Select Entrypoint"
schema:
type: string
default: "websecure"
required: true
enum:
- value: "websecure"
description: "Websecure: HTTPS/TLS port 443"
- variable: hosts
label: "Hosts"
schema:
type: list
default: []
items:
- variable: host
label: "Host"
schema:
type: dict
attrs:
- variable: host
label: "Domain Name"
required: true
schema:
type: string
- variable: paths
label: "paths"
schema:
type: list
default: []
items:
- variable: path
label: "Path"
schema:
type: dict
attrs:
- variable: path
label: "path"
schema:
type: string
required: true
default: "/"
- variable: pathType
label: "pathType"
schema:
type: string
required: true
default: "prefix"
- variable: certType
label: "Select Certificate Type"
schema:
type: string
default: "selfsigned"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "ixcert"
description: "TrueNAS SCALE Certificate"
- variable: certificate
label: "Select TrueNAS SCALE Certificate"
schema:
type: int
show_if: [["certType", "=", "ixcert"]]
$ref:
- "definitions/certificate"
- variable: authForwardURL
label: "Forward Authentication URL"
schema:
type: string
default: ""
## TrueCharts Specific
- variable: appVolumeMounts
label: "app storage"
group: "Storage"
schema:
type: dict
attrs:
# Config ------------------------
# Data ------------------------
- variable: data
label: "Data Dataset"
label: "data dataset"
schema:
type: dict
$ref:
@ -130,6 +253,13 @@ questions:
required: true
hidden: true
editable: false
- variable: setPermissions
label: "Automatic Permissions"
description: "Automatically set permissions on install"
schema:
type: boolean
default: true
hidden: false
- variable: emptyDir
label: "emptyDir"
schema:
@ -165,330 +295,6 @@ questions:
type: hostpath
required: true
- variable: appIngress
label: ""
group: "Ingress"
schema:
type: dict
attrs:
- variable: webui
label: "Web Reverse Proxy Configuration"
group: "Ingress"
schema:
type: dict
attrs:
- variable: enabled
label: "Enable Web Reverse Proxy"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: entrypoint
label: "Select Entrypoint"
schema:
type: string
default: "websecure"
required: true
enum:
- value: "websecure"
description: "Websecure: HTTPS/TLS port 443"
- variable: host
label: "Host"
required: true
schema:
type: string
- variable: certType
label: "Select Certificate Type"
schema:
type: string
default: "letsencrypt-prod"
enum:
- value: ""
description: "No Encryption/TLS/Certificates"
- value: "letsencrypt-prod"
description: "Letsencrypt Production Certificates"
- value: "letsencrypt-staging"
description: "Letsencrypt Test Certificates"
- value: "wildcard"
description: "Global Wildcard Certificate"
- value: "selfsigned"
description: "Self-Signed Certificate"
- value: "existingcert"
description: "Existing Certificate"
- variable: existingcert
label: "Existing Certificate Name"
schema:
type: string
show_if: [["certType", "=", "existingcert"]]
default: ""
- variable: authForwardURL
label: "Forward Authentication URL"
schema:
type: string
default: ""
- variable: certmanager
description: "Configure CertManager Settings"
label: "CertManager Settings"
group: "Certmanager Settings"
schema:
type: dict
required: true
attrs:
- variable: provider
description: "Select the CertManager provider to use"
label: "CertManager Provider"
schema:
type: string
default: ""
enum:
- value: ""
description: "none"
- value: "cloudflare"
description: "Cloudflare"
- value: "cloudDNS"
description: "Google cloudDNS"
- value: "route53"
description: "Route53"
- value: "digitalocean"
description: "Digitalocean"
- value: "rfc2136"
description: "rfc2136"
- value: "azureDNS"
description: "AzureDNS"
- value: "akamai"
description: "Akamai"
- value: "acmeDNS"
description: "acmeDNS"
- variable: email
description: "Email Adress to use with Letsencrypt"
label: "Email-Adress"
schema:
show_if: [["provider", "!=", ""]]
type: string
default: ""
required: true
- variable: wildcardDomain
description: "Enter Domain name here, if you want to setup a global wildcard-domain"
label: "Wildcard Domain"
schema:
show_if: [["provider", "!=", ""]]
type: string
default: ""
- variable: cloudflare
description: "Configure Cloudflare Settings"
label: "Cloudflare Settings"
schema:
show_if: [["provider", "=", "cloudflare"]]
type: dict
required: true
attrs:
- variable: apikey
description: "Enter your Cloudflare API-Key"
label: "API-Key"
schema:
type: string
default: ""
required: true
- variable: cloudDNS
description: "Configure Google cloudDNS Settings"
label: "Google cloudDNS Settings"
schema:
type: dict
show_if: [["provider", "=", "cloudDNS"]]
required: true
attrs:
- variable: project
description: "Enter your Google cloudDNS Project Name"
label: "Project"
schema:
type: string
default: ""
required: true
- variable: keyjson
description: "Enter your Google cloudDNS JSON Key"
label: "Key-JSON"
schema:
type: string
default: ""
required: true
- variable: route53
description: "Configure Route53 Settings"
label: "Route53 Settings"
schema:
type: dict
show_if: [["provider", "=", "route53"]]
required: true
attrs:
- variable: region
description: "Enter your Route53 Region"
label: "Region"
schema:
type: string
default: ""
required: true
- variable: accessKeyID
description: "Enter your Route53 accessKeyID"
label: "accessKeyID"
schema:
type: string
default: ""
required: true
- variable: secretaccesskey
description: "Enter your Route53 secretaccesskey"
label: "Secretaccesskey"
schema:
type: string
default: ""
required: true
- variable: digitalocean
description: "Configure Digitalocean Settings"
label: "Digitalocean Settings"
schema:
type: dict
show_if: [["provider", "=", "digitalocean"]]
required: true
attrs:
- variable: accesstoken
description: "Enter your Digitalocean Access Token"
label: "Access Token"
schema:
type: string
default: ""
required: true
- variable: rfc2136
description: "Configure rfc2136 Settings"
label: "rfc2136 Settings"
schema:
type: dict
show_if: [["provider", "=", "rfc2136"]]
required: true
attrs:
- variable: nameserver
description: "Enter your rfc2136 Nameserver"
label: "Nameserver"
schema:
type: string
default: ""
required: true
- variable: tsigKeyName
description: "Enter your rfc2136 tsigKeyName"
label: "tsigKeyName"
schema:
type: string
default: ""
required: true
- variable: tsigsecretkey
description: "Enter your rfc2136 tsigsecretkey"
label: "tsigsecretkey"
schema:
type: string
default: ""
required: true
- variable: tsigAlgorithm
description: "Enter your rfc2136 tsigAlgorithm"
label: "tsigAlgorithm"
schema:
type: string
default: ""
required: true
- variable: azureDNS
description: "Configure AzureDNS Settings"
label: "AzureDNS Settings"
schema:
type: dict
show_if: [["provider", "=", "azureDNS"]]
required: true
attrs:
- variable: environment
description: "Enter your AzureDNS environment"
label: "environment"
schema:
type: string
default: ""
required: true
- variable: subscriptionID
description: "Enter your AzureDNS subscriptionID"
label: "subscriptionID"
schema:
type: string
default: ""
required: true
- variable: resourceGroupName
description: "Enter your AzureDNS resourceGroupName"
label: "resourceGroupName"
schema:
type: string
default: ""
required: true
- variable: hostedZoneName
description: "Enter your AzureDNS hostedZoneName"
label: "hostedZoneName"
schema:
type: string
default: ""
required: true
- variable: akamai
description: "Configure Akamai Settings"
label: "Akamai Settings"
schema:
type: dict
show_if: [["provider", "=", "akamai"]]
required: true
attrs:
- variable: serviceConsumerDomain
description: "Enter your Akamai serviceConsumerDomain"
label: "serviceConsumerDomain"
schema:
type: string
default: ""
required: true
- variable: clientToken
description: "Enter your Akamai clientToken"
label: "clientToken"
schema:
type: string
default: ""
required: true
- variable: clientSecret
description: "Enter your Akamai clientSecret"
label: "clientSecret"
schema:
type: string
default: ""
required: true
- variable: accessToken
description: "Enter your Akamai accessToken"
label: "accessToken"
schema:
type: string
default: ""
required: true
- variable: acmeDNS
description: "Configure acmeDNS Settings"
label: "acmeDNS Settings"
schema:
type: dict
show_if: [["provider", "=", "acmeDNS"]]
required: true
attrs:
- variable: host
description: "Enter your acmeDNS host"
label: "host"
schema:
type: string
default: ""
required: true
- variable: apikey
description: "Enter your acmeDNS acmednsjson"
label: "acmednsjson"
schema:
type: string
default: ""
required: true
- variable: warning
label: "This App binds to the same ports as TrueNAS SCALE UI: 80 and 443"
description: "Please be sure to set the UI to a different port or adapter"

View File

@ -72,12 +72,14 @@
{{- toYaml . | nindent 10 }}
{{- end }}
volumeMounts:
{{- include "configuredAppVolumeMounts" . | indent 10 }}
#- name: data
# mountPath: {{ .Values.persistence.path }}
# {{- if .Values.persistence.subPath }}
# subPath: {{ .Values.persistence.subPath }}
# {{- end }}
{{- include "common.storage.allContainerVolumeMounts" . | indent 10 }}
{{- if .Values.persistence.enabled }}
- name: {{ .Values.persistence.name }}
mountPath: {{ .Values.persistence.path }}
{{- if .Values.persistence.subPath }}
subPath: {{ .Values.persistence.subPath }}
{{- end }}
{{- end }}
- name: tmp
mountPath: /tmp
{{- $root := . }}
@ -207,27 +209,29 @@
{{- toYaml .Values.deployment.additionalContainers | nindent 6 }}
{{- end }}
volumes:
{{- include "configuredAppVolumes" . | indent 8 }}
#- name: data
# {{- if .Values.persistence.enabled }}
# persistentVolumeClaim:
# claimName: {{ default (include "traefik.fullname" .) .Values.persistence.existingClaim }}
# {{- else }}
# emptyDir: {}
# {{- end }}
{{- if .Values.appVolumeMounts }}
{{- include "common.storage.allAppVolumes" . | indent 8 }}
{{- else if .Values.persistence.enabled }}
- name: data
persistentVolumeClaim:
claimName: {{ default (include "traefik.fullname" .) .Values.persistence.existingClaim }}
{{- else }}
- name: data
emptyDir: {}
{{- end }}
- name: tmp
emptyDir: {}
#{{- $root := . }}
#{{- range .Values.volumes }}
#- name: {{ tpl (.name) $root }}
# {{- if eq .type "secret" }}
# secret:
# secretName: {{ tpl (.name) $root }}
# {{- else if eq .type "configMap" }}
# configMap:
# name: {{ tpl (.name) $root }}
# {{- end }}
#{{- end }}
{{- $root := . }}
{{- range .Values.volumes }}
- name: {{ tpl (.name) $root }}
{{- if eq .type "secret" }}
secret:
secretName: {{ tpl (.name) $root }}
{{- else if eq .type "configMap" }}
configMap:
name: {{ tpl (.name) $root }}
{{- end }}
{{- end }}
{{- if .Values.deployment.additionalVolumes }}
{{- toYaml .Values.deployment.additionalVolumes | nindent 8 }}
{{- end }}

View File

@ -1,52 +0,0 @@
{{/*
Retrieve host path from ix volumes based on dataset name
*/}}
{{- define "retrieveHostPathFromiXVolume" -}}
{{- range $index, $hostPathConfiguration := $.ixVolumes }}
{{- $dsName := base $hostPathConfiguration.hostPath -}}
{{- if eq $.datasetName $dsName -}}
{{- $hostPathConfiguration.hostPath -}}
{{- end }}
{{- end }}
{{- end -}}
{{/*
Define appVolumeMounts for container
*/}}
{{- define "configuredAppVolumeMounts" -}}
{{- if and .Values.appVolumesEnabled .Values.appVolumeMounts }}
{{- range $name, $avm := .Values.appVolumeMounts -}}
{{- if $avm.enabled }}
- name: {{ $name }}
mountPath: {{ $avm.mountPath }}
{{- if $avm.subPath }}
subPath: {{ $avm.subPath }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end -}}
{{/*
Define hostPath for appVolumes
*/}}
{{- define "configuredAppVolumes" -}}
{{- if and .Values.appVolumesEnabled .Values.appVolumeMounts }}
{{- range $name, $av := .Values.appVolumeMounts -}}
{{- if $av.enabled }}
- name: {{ $name }}
{{- if or $av.emptyDir $.Values.emptyDirVolumes }}
emptyDir: {}
{{- else }}
hostPath:
{{ if $av.hostPathEnabled }}
path: {{ required "hostPath not set" $av.hostPath }}
{{- else }}
{{- $volDict := dict "datasetName" $av.datasetName "ixVolumes" $.Values.ixVolumes -}}
path: {{ include "retrieveHostPathFromiXVolume" $volDict }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end -}}

View File

@ -1,69 +1 @@
{{- if .Values.appIngress.webui.enabled -}}
{{- if .Values.appIngress.webui.host -}}
{{- if or (eq .Values.appIngress.webui.certType "letsencrypt-prod") (eq .Values.appIngress.webui.certType "letsencrypt-staging") }}
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: {{ .Release.Name }}
annotations:
# hooks are defined here
"helm.sh/hook": post-install,post-upgrade
"helm.sh/hook-weight": "10"
"helm.sh/hook-delete-policy": before-hook-creation
spec:
commonName: {{ .Values.appIngress.webui.host }}
secretName: {{ .Release.Name }}
dnsNames:
- {{ .Values.appIngress.webui.host }}
issuerRef:
name: letsencrypt-prod
kind: ClusterIssuer
group: cert-manager.io
---
{{- end }}
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: {{ .Release.Name }}
spec:
entryPoints:
- {{ .Values.appIngress.webui.entrypoint }}
routes:
- kind: Rule
match: Host(`{{ .Values.appIngress.webui.host }}`)
services:
- name: api@internal # The internal name of the Dashboard for Traefik
kind: TraefikService
middlewares:
- name: traefik-middlewares-chain-public@kubernetescrd
{{- if .Values.appIngress.webui.authForwardUrl -}}
- name: {{ .Release.Name }}-auth-forward
{{- end }}
{{- if .Values.appIngress.webui.certType }}
tls: {{- if eq .Values.appIngress.webui.certType "selfsigned" -}}[]{{ else if eq .Values.appIngress.webui.certType "existingcert" }}
secretName: {{ .Values.appIngress.webui.existingCert }}
{{- else if eq .Values.appIngress.webui.certType "wildcard" -}}
secretName: wildcardcert
{{ else }}
secretName: {{ .Release.Name }}
{{- end }}
{{- end }}
{{- if .Values.appIngress.webui.authForwardUrl -}}
---
# Forward authentication
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: {{ .Release.Name }}-auth-forward
spec:
forwardAuth:
address: '{{ .Values.appIngress.webui.authForwardUrl }}'
trustForwardHeader: true
authResponseHeaders:
- Remote-User
- Remote-Groups
- Remote-Name
- Remote-Email
{{- end }}
{{- end }}
{{- end }}
{{ include "common.ingress" . }}

View File

@ -1,197 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: dns-secrets
#namespace: cert-manager
type: Opaque
stringData:
{{- if eq .Values.certmanager.provider "cloudflare" }}
api-key: {{ .Values.certmanager.cloudflare.apikey | quote }}
{{- else if eq .Values.certmanager.provider "cloudDNS" }}
key-json: {{ .Values.certmanager.cloudDNS.keyjson | quote }}
{{- else if eq .Values.certmanager.provider "route53" }}
secret-access-key: {{ .Values.certmanager.route53.secretaccesskey | quote }}
{{- else if eq .Values.certmanager.provider "digitalocean" }}
access-token: {{ .Values.certmanager.digitalocean.accesstoken | quote }}
{{- else if eq .Values.certmanager.provider "rfc2136" }}
rfc2136:
tsig-secret-key: {{ .Values.certmanager.rfc2136.tsigsecretkey | quote }}
{{- else if eq .Values.certmanager.provider "akamai" }}
clientToken: {{ .Values.certmanager.akamai.clientToken| quote }}
clientSecret: {{ .Values.certmanager.akamai.clientSecret| quote }}
accessToken: {{ .Values.certmanager.akamai.accessToken| quote }}
{{- else if eq .Values.certmanager.provider "acmeDNS" }}
acmedns-json: {{ .Values.certmanager.acmeDNS.acmednsjson | quote }}
{{- end }}
---
{{- if .Values.certmanager.email -}}
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
#namespace: default
annotations:
# hooks are defined here
"helm.sh/hook": post-install,post-upgrade
#"helm.sh/hook-weight": "0"
"helm.sh/hook-delete-policy": before-hook-creation
spec:
acme:
# You must replace this email address with your own.
# Let's Encrypt will use this to contact you about expiring
# certificates, and issues related to your account.
email: {{ .Values.certmanager.email }}
server: https://acme-v02.api.letsencrypt.org/directory
privateKeySecretRef:
# Secret resource used to store the account's private key.
name: prod-issuer-account-key
# Add a single challenge solver, DNS01
solvers:
- dns01:
{{- if eq .Values.certmanager.provider "cloudflare" }}
cloudflare:
email: {{ .Values.certmanager.email }}
apiKeySecretRef:
name: dns-secrets
key: api-key
{{- else if eq .Values.certmanager.provider "cloudDNS" }}
cloudDNS:
# The ID of the GCP project
project: {{ .Values.certmanager.cloudDNS.project }}
# This is the secret used to access the service account
serviceAccountSecretRef:
name: dns-secrets
key: key-json
{{- else if eq .Values.certmanager.provider "route53" }}
route53:
region: {{ .Values.certmanager.route53.region }}
accessKeyID: {{ .Values.certmanager.route53.accessKeyID }}
secretAccessKeySecretRef:
name: dns-secrets
key: secret-access-key
# you can also assume a role with these credentials
role: {{ .Values.certmanager.route53.role }}
{{- else if eq .Values.certmanager.provider "digitalocean" }}
digitalocean:
tokenSecretRef:
name: dns-secrets
key: access-token
{{- else if eq .Values.certmanager.provider "rfc2136" }}
rfc2136:
nameserver: {{ .Values.certmanager.rfc2136.nameserver }}
tsigKeyName: {{ .Values.certmanager.rfc2136.tsigKeyName }}
tsigAlgorithm: {{ .Values.certmanager.rfc2136.tsigAlgorithm }}
tsigSecretSecretRef:
name: dns-secrets
key: tsig-secret-key
{{- else if eq .Values.certmanager.provider "azureDNS" }}
azureDNS:
subscriptionID: {{ .Values.certmanager.azureDNS.subscriptionID }}
resourceGroupName: {{ .Values.certmanager.azureDNS.resourceGroupName }}
hostedZoneName: {{ .Values.certmanager.azureDNS.hostedZoneName }}
environment: {{ .Values.certmanager.azureDNS.environment }}
{{- else if eq .Values.certmanager.provider "akamai" }}
akamai:
serviceConsumerDomain: {{ .Values.certmanager.akamai.serviceConsumerDomain }}
clientTokenSecretRef:
name: dns-secrets
key: clientToken
clientSecretSecretRef:
name: dns-secrets
key: clientSecret
accessTokenSecretRef:
name: dns-secrets
key: akamaiaccessToken
{{- else if eq .Values.certmanager.provider "acmeDNS" }}
acmeDNS:
host: {{ .Values.certmanager.acmeDNS.host }}
accountSecretRef:
name: dns-secrets
key: acmedns-json
{{- end }}
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-staging
#namespace: default
annotations:
# hooks are defined here
"helm.sh/hook": post-install,post-upgrade
#"helm.sh/hook-weight": "0"
"helm.sh/hook-delete-policy": before-hook-creation
spec:
acme:
# You must replace this email address with your own.
# Let's Encrypt will use this to contact you about expiring
# certificates, and issues related to your account.
email: {{ .Values.certmanager.email }}
server: https://acme-staging-v02.api.letsencrypt.org/directory
privateKeySecretRef:
# Secret resource used to store the account's private key.
name: staging-issuer-account-key
# Add a single challenge solver, DNS01
solvers:
- dns01:
{{- if eq .Values.certmanager.provider "cloudflare" }}
cloudflare:
email: {{ .Values.certmanager.email }}
apiKeySecretRef:
name: dns-secrets
key: api-key
{{- else if eq .Values.certmanager.provider "cloudDNS" }}
cloudDNS:
# The ID of the GCP project
project: {{ .Values.certmanager.cloudDNS.project }}
# This is the secret used to access the service account
serviceAccountSecretRef:
name: dns-secrets
key: key-json
{{- else if eq .Values.certmanager.provider "route53" }}
route53:
region: {{ .Values.certmanager.route53.region }}
accessKeyID: {{ .Values.certmanager.route53.accessKeyID }}
secretAccessKeySecretRef:
name: dns-secrets
key: secret-access-key
# you can also assume a role with these credentials
role: arn:aws:iam::YYYYYYYYYYYY:role/dns-manager
{{- else if eq .Values.certmanager.provider "digitalocean" }}
digitalocean:
tokenSecretRef:
name: dns-secrets
key: access-token
{{- else if eq .Values.certmanager.provider "rfc2136" }}
rfc2136:
nameserver: {{ .Values.certmanager.rfc2136.nameserver }}
tsigKeyName: {{ .Values.certmanager.rfc2136.tsigKeyName }}
tsigAlgorithm: {{ .Values.certmanager.rfc2136.tsigAlgorithm }}
tsigSecretSecretRef:
name: dns-secrets
key: tsig-secret-key
{{- else if eq .Values.certmanager.provider "azureDNS" }}
azureDNS:
subscriptionID: {{ .Values.certmanager.azureDNS.subscriptionID }}
resourceGroupName: {{ .Values.certmanager.azureDNS.resourceGroupName }}
hostedZoneName: {{ .Values.certmanager.azureDNS.hostedZoneName }}
environment: {{ .Values.certmanager.azureDNS.environment }}
{{- else if eq .Values.certmanager.provider "akamai" }}
akamai:
serviceConsumerDomain: {{ .Values.certmanager.akamai.serviceConsumerDomain }}
clientTokenSecretRef:
name: dns-secrets
key: clientToken
clientSecretSecretRef:
name: dns-secrets
key: clientSecret
accessTokenSecretRef:
name: dns-secrets
key: akamaiaccessToken
{{- else if eq .Values.certmanager.provider "acmeDNS" }}
acmeDNS:
host: {{ .Values.certmanager.acmeDNS.host }}
accountSecretRef:
name: dns-secrets
key: acmedns-json
{{- end }}
{{- end }}

View File

@ -2,7 +2,6 @@ apiVersion: traefik.containo.us/v1alpha1
kind: TLSOption
metadata:
name: default
namespace: default
spec:
minVersion: VersionTLS12
cipherSuites:

View File

@ -1,23 +0,0 @@
{{- if .Values.certmanager.wildcardDomain -}}
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: wildcardcert
annotations:
# hooks are defined here
"helm.sh/hook": post-install,post-upgrade
"helm.sh/hook-weight": "10"
"helm.sh/hook-delete-policy": before-hook-creation
reflector.v1.k8s.emberstack.com/secret-reflection-allowed: "true"
reflector.v1.k8s.emberstack.com/secret-reflection-auto-enabled: "true"
spec:
commonName: {{ .Values.certmanager.wildcardDomain }}
secretName: wildcardcert
dnsNames:
- {{ .Values.certmanager.wildcardDomain }}
- '*.{{ .Values.certmanager.wildcardDomain }}'
issuerRef:
name: letsencrypt-prod
kind: ClusterIssuer
group: cert-manager.io
{{- end }}

View File

@ -3,7 +3,7 @@
{{- with .Values.additionalArguments -}}
{{- range . -}}
{{- if contains ".acme." . -}}
{{- fail (printf "You can not enabled acme if you set more than one traefik replica") -}}
{{- fail (printf "You can not enable acme if you set more than one traefik replica") -}}
{{- end -}}
{{- end -}}
{{- end -}}

View File

@ -82,7 +82,7 @@ experimental:
# Create an IngressRoute for the dashboard
ingressRoute:
dashboard:
enabled: true
enabled: false
# Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
annotations: {}
# Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
@ -442,12 +442,12 @@ autoscaling:
persistence:
enabled: false
# existingClaim: ""
accessMode: ReadWriteOnce
size: 128Mi
# storageClass: ""
path: /data
annotations: {}
# subPath: "" # only mount a subpath of the Volume into the pod
#accessMode: ReadWriteOnce
#size: 128Mi
## storageClass: ""
#path: /data
#annotations: {}
## subPath: "" # only mount a subpath of the Volume into the pod
# If hostNetwork is true, runs traefik in the host network namespace
# To prevent unschedulabel pods due to port collisions, if hostNetwork=true
@ -523,55 +523,20 @@ appVolumeMounts:
emptyDir: true
mountPath: "/data"
appIngress:
webui:
enabled: false
ingress:
dashboard:
enabled: true
type: "HTTP-IR"
entrypoint: "websecure"
certType: "letsencrypt-prod"
existingcert: ""
authForwardURL: ""
host: "traefik.example.truecharts.org"
certmanager:
# general
provider: ""
email: ""
wildcardDomain: ""
# provider specific
cloudflare:
apikey: "placeholder"
cloudDNS:
project: ""
keyjson: "placeholder"
route53:
region: ""
accessKeyID: ""
secretaccesskey: "placeholder"
digitalocean:
accesstoken: "placeholder"
rfc2136:
nameserver: ""
tsigKeyName: ""
tsigAlgorithm: ""
tsigsecretkey: "placeholder"
azureDNS:
environment: ""
subscriptionID: ""
resourceGroupName: ""
hostedZoneName: ""
akamai:
serviceConsumerDomain: ""
clientToken: "placeholder"
clientSecret: "placeholder"
accessToken: "placeholder"
acmeDNS:
host: ""
acmednsjson: "placeholder"
cert-manager:
installCRDs: true
extraArgs:
- --dns01-recursive-nameservers-only
- --dns01-recursive-nameservers=1.1.1.1:53
certType: "selfsigned"
serviceName: api@internal
servicePort:
serviceKind: "TraefikService"
annotations: {}
labels: {}
hosts:
- host: chart-example.local
paths:
- path: /
# Ignored if not kubeVersion >= 1.14-0
pathType: Prefix

Some files were not shown because too many files have changed in this diff Show More