# Include{groups} portals: open: # Include{portalLink} questions: # Include{global} # Include{controller} # Include{controllerDeployment} # Include{replicas} # Include{replica1} # Include{strategy} # Include{recreate} # Include{controllerExpert} # Include{controllerExpertExtraArgs} - variable: env group: "Container Configuration" label: "Image Environment" schema: additional_attrs: true type: dict attrs: - variable: COMMENTO_ORIGIN label: "COMMENTO_ORIGIN" description: "This should be set to the subdomain or the IP address hosting Commento. All API requests will go to this server. This may include subdirectories if Commento is hosted behind a reverse proxy, for example. Include the protocol in the value to use HTTP/HTTPS." schema: type: string default: "" - variable: COMMENTO_FORBID_NEW_OWNERS label: "COMMENTO_FORBID_NEW_OWNERS" description: "Used to disable new dashboard registrations. Useful if you are the only person using Commento on your server. Does not impact the creation of accounts for your readers." schema: type: boolean default: false - variable: COMMENTO_GZIP_STATIC label: "COMMENTO_GZIP_STATIC" schema: type: boolean default: true - variable: COMMENTO_ENABLE_WILDCARDS label: "COMMENTO_ENABLE_WILDCARDS" description: "Allows use of wildcards in domain names in the admin dashboard. (e.g. if you share your commento instance with more than one admin/allow new registrations)" schema: type: boolean default: true - variable: COMMENTO_ENABLE_LOGGING label: "COMMENTO_ENABLE_LOGGING" description: "Should we log every page view? This will allow you to see stats but will fill up your free postgres database quite quickly." schema: type: boolean default: false - variable: smpt_config label: "Enable SMTP" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: SMTP_SKIP_HOST_VERIFY label: "SMTP_SKIP_HOST_VERIFY" description: "Allows skipping of host verification for SMTP email sending." schema: type: boolean default: false - variable: COMMENTO_SMTP_USERNAME label: "COMMENTO_SMTP_USERNAME" description: "SMTP credentials and configuration the server should use to send emails." schema: type: string default: "" - variable: COMMENTO_SMTP_PASSWORD label: "COMMENTO_SMTP_PASSWORD" description: "SMTP credentials and configuration the server should use to send emails." schema: type: string private: true default: "" - variable: COMMENTO_SMTP_HOST label: "COMMENTO_SMTP_HOST" description: "SMTP credentials and configuration the server should use to send emails." schema: type: string default: "" - variable: COMMENTO_SMTP_FROM_ADDRESS label: "COMMENTO_SMTP_FROM_ADDRESS" description: "SMTP credentials and configuration the server should use to send emails." schema: type: string default: "" - variable: COMMENTO_SMTP_PORT label: "COMMENTO_SMTP_PORT" description: "SMTP credentials and configuration the server should use to send emails." schema: type: int default: 587 # Include{containerConfig} # Include{serviceRoot} - variable: main label: "Main Service" description: "The Primary service on which the healthcheck runs, often the webUI" schema: additional_attrs: true type: dict attrs: # Include{serviceSelectorLoadBalancer} # Include{serviceSelectorExtras} - variable: main label: "Main Service Port Configuration" schema: additional_attrs: true type: dict attrs: - variable: port label: "Port" description: "This port exposes the container port on the service" schema: type: int default: 10240 required: true # Include{advancedPortHTTP} - variable: targetPort label: "Target Port" description: "The internal(!) port on the container the Application runs on" schema: type: int default: 10240 # Include{serviceExpertRoot} default: false # Include{serviceExpert} # Include{serviceList} # Include{persistenceList} # Include{ingressRoot} - variable: main label: "Main Ingress" schema: additional_attrs: true type: dict attrs: # Include{ingressDefault} # Include{ingressTLS} # Include{ingressTraefik} # Include{ingressExpert} # Include{ingressList} # Include{security} # Include{securityContextAdvancedRoot} - variable: privileged label: "Privileged mode" schema: type: boolean default: false - variable: readOnlyRootFilesystem label: "ReadOnly Root Filesystem" schema: type: boolean default: true - variable: allowPrivilegeEscalation label: "Allow Privilege Escalation" schema: type: boolean default: false - variable: runAsNonRoot label: "runAsNonRoot" schema: type: boolean default: true # Include{securityContextAdvanced} # Include{podSecurityContextRoot} - variable: runAsUser label: "runAsUser" description: "The UserID of the user running the application" schema: type: int default: 568 - variable: runAsGroup label: "runAsGroup" description: "The groupID this App of the user running the application" schema: type: int default: 568 - variable: fsGroup label: "fsGroup" description: "The group that should own ALL storage." schema: type: int default: 568 # Include{podSecurityContextAdvanced} # Include{resources} # Include{advanced} # Include{addons} # Include{codeserver} # Include{promtail} # Include{netshoot} # Include{vpn} # Include{documentation}