# Include{groups} portals: open: # Include{portalLink} path: "/" admin: # Include{portalLink} path: "/browser/dist/admin/admin.html" questions: # Include{global} # Include{controller} # Include{replicas} # Include{replica1} # Include{controllerExpertExtraArgs} - variable: secretEnv group: "App Configuration" label: "Image Secrets" schema: additional_attrs: true type: dict attrs: - variable: username label: "Username for WebUI" schema: type: string default: "admin" required: true - variable: password label: "Password for WebUI" schema: type: string valid_chars: "[a-zA-Z0-9!@#$%^&*?]{8,}" private: true required: true default: "REPLACETHIS" - variable: env group: "App Configuration" label: "Image Environment" schema: additional_attrs: true type: dict attrs: - variable: aliasgroup1 label: "aliasgroup1" description: "Comma separated hosts list." schema: type: string default: "" - variable: dictionaries label: "Dictionaries to use, leave empty to use all" schema: type: string default: "de_DE en_GB en_US es_ES fr_FR it nl pt_BR pt_PT ru" - variable: extra_params label: "Extra Parameters to add" description: 'e.g. "--o:welcome.enable=false", See more on /etc/loolwsd/loolwsd.xml. Separate params with space' schema: type: string default: "--o:welcome.enable=false --o:logging.level=information --o:user_interface.mode=notebookbar --o:ssl.termination=true --o:ssl.enable=false" - variable: DONT_GEN_SSL_CERT label: "DONT_GEN_SSL_CERT" description: "When set to true it does NOT generate an SSL cert, you have to use your own" schema: type: boolean default: true - variable: server_name label: "Server Name" description: "When this environment variable is set (is not empty), then its value will be used as server name in /etc/loolwsd/loolwsd.xml. Without this, CODE is not delivering a correct host for the websocket connection in case of a proxy in front of it." schema: type: string default: 'collabora.domain.tld' valid_chars: '^((([a-z\d](-?[a-z\d]){0,62})\.)*(([a-z\d](-?[a-z\d]){0,62})\.)([a-z](-?[a-z\d]){1,62})|((\d{1,3}\.){3}\d{1,3}))$' # Include{containerConfig} # Include{serviceRoot} - variable: main label: "Main Service" description: "The Primary service on which the healthcheck runs, often the webUI" schema: additional_attrs: true type: dict attrs: # Include{serviceSelectorLoadBalancer} # Include{serviceSelectorExtras} - variable: main label: "Main Service Port Configuration" schema: additional_attrs: true type: dict attrs: - variable: port label: "Port" description: "This port exposes the container port on the service" schema: type: int default: 10105 required: true # Include{serviceExpertRoot} default: false # Include{serviceExpert} # Include{serviceList} # Include{persistenceList} # Include{ingressRoot} - variable: main label: "Main Ingress" schema: additional_attrs: true type: dict attrs: # Include{ingressDefault} # Include{ingressTLS} # Include{ingressTraefik} # Include{ingressList} # Include{security} # Include{securityContextAdvancedRoot} - variable: privileged label: "Privileged mode" schema: type: boolean default: false - variable: readOnlyRootFilesystem label: "ReadOnly Root Filesystem" schema: type: boolean default: false - variable: allowPrivilegeEscalation label: "Allow Privilege Escalation" schema: type: boolean default: true - variable: runAsNonRoot label: "runAsNonRoot" schema: type: boolean default: true # Include{podSecurityContextRoot} - variable: runAsUser label: "runAsUser" description: "The UserID of the user running the application" schema: type: int default: 104 - variable: runAsGroup label: "runAsGroup" description: "The groupID this App of the user running the application" schema: type: int default: 106 - variable: fsGroup label: "fsGroup" description: "The group that should own ALL storage." schema: type: int default: 568 # Include{podSecurityContextAdvanced} # Include{resources} # Include{advanced} # Include{addons} # Include{codeserver} # Include{vpn} # Include{documentation}