# Include{groups} portals: open: # Include{portalLink} questions: # Include{global} # Include{controller} # Include{controllerDeployment} # Include{replicas} # Include{replica1} # Include{strategy} # Include{recreate} # Include{controllerExpert} # Include{controllerExpertExtraArgs} - variable: env group: "Container Configuration" label: "Image Environment" schema: additional_attrs: true type: dict attrs: - variable: WG_HOST label: "WG_HOST" description: "The public hostname of your VPN server." schema: type: string required: true default: "" - variable: WG_MTU label: "WG_MTU" description: "The MTU the clients will use. Server uses default WG MTU." schema: type: int default: 1420 - variable: WG_PERSISTENT_KEEPALIVE label: "WG_PERSISTENT_KEEPALIVE" description: "Value in seconds to keep the connection open." schema: type: int default: 0 - variable: WG_DEFAULT_ADDRESS label: "WG_DEFAULT_ADDRESS" description: "Clients IP address range." schema: type: string default: "10.8.0.x" - variable: WG_DEFAULT_DNS label: "WG_DEFAULT_DNS" description: "Clients default DNS IP" schema: type: string default: "1.1.1.1" - variable: WG_ALLOWED_IPS label: "WG_ALLOWED_IPS" description: "Allowed IPs clients will use." schema: type: string default: "0.0.0.0/0, ::/0" - variable: secretEnv group: "Container Configuration" label: "Image Secrets" schema: additional_attrs: true type: dict attrs: - variable: PASSWORD label: "ADMIN_PASSWORD" schema: type: string private: true required: true default: "" # Include{containerConfig} # Include{serviceRoot} - variable: main label: "Main Service" description: "The Primary service on which the healthcheck runs, often the webUI" schema: additional_attrs: true type: dict attrs: # Include{serviceSelectorLoadBalancer} # Include{serviceSelectorExtras} - variable: main label: "Web GUI port configuration" schema: additional_attrs: true type: dict attrs: - variable: port label: "Port" description: "This port exposes the container port on the service" schema: type: int default: 51821 required: true # Include{advancedPortTCP} - variable: targetPort label: "Target Port" description: "The internal(!) port on the container the Application runs on" schema: type: int default: 51821 - variable: vpn label: "Wireguard Internal" description: "Wireguard Internal Port" schema: additional_attrs: true type: dict attrs: # Include{serviceSelectorLoadBalancer} # Include{serviceSelectorExtras} - variable: vpn label: "Wireguard Interal Port" description: "Omada Controller or EAP Discovery Utility discovers Omada devices." schema: additional_attrs: true type: dict attrs: - variable: port label: "Port" description: "This port exposes the container port on the service" schema: type: int default: 51820 required: true # Include{advancedPortUDP} - variable: targetPort label: "Target Port" description: "The internal(!) port on the container the Application runs on" schema: type: int default: 51820 # Include{serviceExpertRoot} default: false # Include{serviceExpert} # Include{serviceList} # Include{persistenceRoot} - variable: config label: "App Config Storage" description: "Stores the Application Configuration." schema: additional_attrs: true type: dict attrs: # Include{persistenceBasic} # Include{persistenceAdvanced} # Include{persistenceList} # Include{ingressRoot} - variable: main label: "Main Ingress" schema: additional_attrs: true type: dict attrs: # Include{ingressDefault} # Include{ingressTLS} # Include{ingressTraefik} # Include{ingressExpert} # Include{ingressList} # Include{security} # Include{securityContextAdvancedRoot} - variable: privileged label: "Privileged mode" schema: type: boolean default: false - variable: readOnlyRootFilesystem label: "ReadOnly Root Filesystem" schema: type: boolean default: false - variable: allowPrivilegeEscalation label: "Allow Privilege Escalation" schema: type: boolean default: false - variable: runAsNonRoot label: "runAsNonRoot" schema: type: boolean default: false # Include{securityContextAdvanced} # Include{podSecurityContextRoot} - variable: runAsUser label: "runAsUser" description: "The UserID of the user running the application" schema: type: int default: 0 - variable: runAsGroup label: "runAsGroup" description: "The groupID this App of the user running the application" schema: type: int default: 0 - variable: fsGroup label: "fsGroup" description: "The group that should own ALL storage." schema: type: int default: 568 # Include{podSecurityContextAdvanced} # Include{resources} # Include{advanced} # Include{addons} # Include{codeserver} # Include{promtail} # Include{netshoot} # Include{vpn} # Include{documentation}