# Include{groups} portals: open: protocols: - "$kubernetes-resource_configmap_portal_protocol" host: - "$kubernetes-resource_configmap_portal_host" ports: - "$kubernetes-resource_configmap_portal_port" admin: protocols: - "$kubernetes-resource_configmap_portal_protocol" host: - "$kubernetes-resource_configmap_portal_host" ports: - "$kubernetes-resource_configmap_portal_port" path: "/ghost" questions: - variable: portal group: "Container Image" label: "Configure Portal Button" schema: type: dict hidden: true attrs: - variable: enabled label: "Enable" description: "enable the portal button" schema: hidden: true editable: false type: boolean default: true # Include{global} - variable: controller group: "Controller" label: "" schema: additional_attrs: true type: dict attrs: - variable: advanced label: "Show Advanced Controller Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: type description: "Please specify type of workload to deploy" label: "(Advanced) Controller Type" schema: type: string default: "deployment" required: true enum: - value: "deployment" description: "Deployment" - value: "statefulset" description: "Statefulset" - value: "daemonset" description: "Daemonset" - variable: replicas description: "Number of desired pod replicas" label: "Desired Replicas" schema: type: int default: 1 required: true - variable: strategy description: "Please specify type of workload to deploy" label: "(Advanced) Update Strategy" schema: type: string default: "Recreate" required: true enum: - value: "Recreate" description: "Recreate: Kill existing pods before creating new ones" - value: "RollingUpdate" description: "RollingUpdate: Create new pods and then kill old ones" - value: "OnDelete" description: "(Legacy) OnDelete: ignore .spec.template changes" # Include{controllerExpert} # Docker specific env - variable: env group: "Container Configuration" label: "Image Environment" schema: additional_attrs: true type: dict attrs: # Include{fixedEnv} - variable: url label: "URL" description: "Enter the URL that is used to access your publication" schema: type: string default: "http://localhost:10165" - variable: useMinFiles label: "useMinFiles" description: "Generate assets url with .min notation" schema: type: boolean default: true - variable: imageOptimization__resize label: "Image Optimization: Resize" description: "Automatically process and compress" schema: type: boolean default: true - variable: imageOptimization__srcsets label: "Image Optimization: srcsets" description: "Image Optimization: srcsets" schema: type: boolean default: true - variable: compress label: "Compress" description: "Compress" schema: type: boolean default: true - variable: preloadHeaders label: "Preload Headers" description: "Preload Headers" schema: type: boolean default: false - variable: adminFrameProtection label: "Admin Frame Protection" description: "Admin Frame Protection" schema: type: boolean default: true - variable: sendWelcomeEmail label: "Send Welcome Email" description: "Send Welcome Email" schema: type: boolean default: true - variable: stripeDirect label: "Stripe Direct" description: "Stripe Direct" schema: type: boolean default: false - variable: enableStripePromoCodes label: "Enable Stripe Promo Codes" description: "Enable Stripe Promo Codes" schema: type: boolean default: false - variable: emailAnalytics label: "Email Analytics" description: "Email Analytics" schema: type: boolean default: true - variable: backgroundJobs__emailAnalytics label: "Background Jobs Email Analytics" description: "Background Jobs Email Analytics" schema: type: boolean default: true - variable: useMinFiles label: "useMinFiles" description: "Generate assets url with .min notation" schema: type: boolean default: true - variable: privacy__useTinfoil label: "Privacy: Use Tin Foil" description: "Turn privacy features on or off" schema: type: boolean default: false show_subquestions_if: false subquestions: - variable: privacy__useUpdateCheck label: "Privacy: Use Update Checks" description: "Enable Update Checks" schema: type: boolean default: true - variable: privacy__useGravatar label: "Privacy: Use Gravatar" description: "Enable Gravatar" schema: type: boolean default: true - variable: privacy__useRpcPing label: "Privacy: Use RPC Ping" description: "Enable RPC Pings" schema: type: boolean default: true - variable: privacy__useStructuredData label: "Privacy: Use Structured Data" description: "Enable Structured Data" schema: type: boolean default: true - variable: mailenabled label: "Mail Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: mail__from label: "Mail: From Address" description: "From Address eg ('Ghost Admin' )" schema: type: string default: "" - variable: mail__transport label: "Mail: Transport" description: "Transport" schema: type: string default: "SMTP" - variable: mail__options__service label: "Mail: Options - Service" description: "Service eg (Mailgun)" schema: type: string default: "" - variable: mail__options__port label: "Mail: Options - Port" description: "Port eg (587)" schema: type: string default: "" - variable: mail__options__secure label: "Mail: Options - Secure" description: "Enable Secure Mail" schema: type: boolean default: false - variable: mail__options__auth__user label: "Mail: Options - Auth - User" description: "Username for mail provider" schema: type: string default: "" - variable: mail__options__auth__pass label: "Mail: Options - Auth - Password" description: "Password for mail provider" schema: type: string private: true default: "" - variable: integrationsenabled label: "Integration Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: twitter__privateReadOnlyToken label: "Twitter: Private Read Only Token" description: "Twitter: Private Read Only Token" schema: type: string private: true default: "" - variable: opensea__privateReadOnlyApiKey label: "Opensea: Private Read Only API Key" description: "Opensea: Private Read Only API Key" schema: type: string private: true default: "" - variable: tenor__publicReadOnlyApiKey label: "Tenor: Private Read Only API Key" description: "Tenor: Private Read Only API Key" schema: type: string private: true default: "" - variable: tenor__contentFilter label: "Tenor: Content Filter" description: "Tenor: Content Filter" schema: type: string default: "off" enum: - value: "off" description: "off" - value: "on" description: "on" # Include{containerConfig} - variable: service group: "Networking and Services" label: "Configure Service(s)" schema: additional_attrs: true type: dict attrs: - variable: main label: "Main Service" description: "The Primary service on which the healthcheck runs, often the webUI" schema: additional_attrs: true type: dict attrs: # Include{serviceSelector} - variable: main label: "Main Service Port Configuration" schema: additional_attrs: true type: dict attrs: - variable: port label: "Port" description: "This port exposes the container port on the service" schema: type: int default: 10166 required: true - variable: advanced label: "Show Advanced settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: protocol label: "Port Type" schema: type: string default: "HTTP" enum: - value: HTTP description: "HTTP" - value: "HTTPS" description: "HTTPS" - value: TCP description: "TCP" - value: "UDP" description: "UDP" - variable: nodePort label: "Node Port (Optional)" description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer" schema: type: int min: 9000 max: 65535 - variable: targetPort label: "Target Port" description: "The internal(!) port on the container the Application runs on" schema: type: int default: 10166 - variable: serviceexpert group: "Networking and Services" label: "Show Expert Config" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: hostNetwork group: "Networking and Services" label: "Host-Networking (Complicated)" schema: type: boolean default: false # Include{serviceExpert} # Include{serviceList} - variable: persistence label: "Integrated Persistent Storage" description: "Integrated Persistent Storage" group: "Storage and Persistence" schema: additional_attrs: true type: dict attrs: - variable: content label: "App Content Storage" description: "Stores the Application Content." schema: additional_attrs: true type: dict attrs: - variable: type label: "Type of Storage" description: "Sets the persistence type, Anything other than PVC could break rollback!" schema: type: string default: "simplePVC" enum: - value: "simplePVC" description: "PVC (simple)" - value: "simpleHP" description: "HostPath (simple)" - value: "emptyDir" description: "emptyDir" - value: "pvc" description: "pvc" - value: "hostPath" description: "hostPath" # Include{persistenceBasic} - variable: hostPath label: "hostPath" description: "Path inside the container the storage is mounted" schema: show_if: [["type", "=", "hostPath"]] type: hostpath - variable: medium label: "EmptyDir Medium" schema: show_if: [["type", "=", "emptyDir"]] type: string default: "" enum: - value: "" description: "Default" - value: "Memory" description: "Memory" # Include{persistenceAdvanced} # Include{persistenceList} - variable: ingress label: "" group: "Ingress" schema: additional_attrs: true type: dict attrs: - variable: main label: "Main Ingress" schema: additional_attrs: true type: dict attrs: # Include{ingressDefault} # Include{ingressTLS} # Include{ingressTraefik} # Include{ingressExpert} # Include{ingressList} - variable: advancedSecurity label: "Show Advanced Security Settings" group: "Security and Permissions" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: securityContext label: "Security Context" schema: additional_attrs: true type: dict attrs: - variable: privileged label: "Privileged mode" schema: type: boolean default: false - variable: readOnlyRootFilesystem label: "ReadOnly Root Filesystem" schema: type: boolean default: true - variable: allowPrivilegeEscalation label: "Allow Privilege Escalation" schema: type: boolean default: false - variable: runAsNonRoot label: "runAsNonRoot" schema: type: boolean default: true # Include{securityContextAdvanced} - variable: podSecurityContext group: "Security and Permissions" label: "Pod Security Context" schema: additional_attrs: true type: dict attrs: - variable: runAsUser label: "runAsUser" description: "The UserID of the user running the application" schema: type: int default: 568 - variable: runAsGroup label: "runAsGroup" description: The groupID this App of the user running the application" schema: type: int default: 568 - variable: fsGroup label: "fsGroup" description: "The group that should own ALL storage." schema: type: int default: 568 # Include{podSecurityContextAdvanced} # Include{resources} # Include{advanced} # Include{addons}