# Include{groups} portals: open: # Include{portalLink} questions: # Include{global} # Include{controller} # Include{controllerDeployment} # Include{replicas} # Include{replica1} # Include{strategy} # Include{recreate} # Include{controllerExpert} # Include{controllerExpertExtraArgs} - variable: env group: "Container Configuration" label: "Image Environment" schema: additional_attrs: true type: dict attrs: - variable: PASTEY_RESTRICT_PASTING label: "PASTEY_RESTRICT_PASTING" description: "Enabledisable restricting of pasting to whitelisted users." schema: type: string default: "False" - variable: PASTEY_RESTRICT_RAW_PASTING label: "PASTEY_RESTRICT_RAW_PASTING" description: "Enabledisable restricting of pasting via raw to whitelisted users." schema: type: string default: "True" - variable: PASTEY_RATE_LIMIT label: "PASTEY_RATE_LIMIT" description: "Rate limit for pasting, for non-whitelisted users." schema: type: string default: "5/hour" - variable: PASTEY_RECENT_PASTES label: "PASTEY_RECENT_PASTES" description: "Number of recent pastes to show on the home page." schema: type: string default: "10" - variable: PASTEY_BEHIND_PROXY label: "PASTEY_BEHIND_PROXY" description: "Inform Pastey if it is behind a reverse proxy (nginx, etc.). If this is the case, it will rely on HTTP headers X-Real-IP or X-Forwarded-For. NOTE Make sure your proxy config sets these values." schema: type: string default: "False" - variable: PASTEY_USE_WHITELIST label: "PASTEY_USE_WHITELIST" description: "Enabledisable whitelisting for admin tasks (view recent, delete, config)." schema: type: string default: "True" - variable: PASTEY_WHITELIST_CIDR label: "PASTEY_WHITELIST_CIDR" description: "List of whitelisted IP addresses or networks (in CIDR format)." schema: type: string default: "127.0.0.1/32,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16" - variable: PASTEY_GUESS_THRESHOLD label: "PASTEY_GUESS_THRESHOLD" description: "Threshold for automatic language detection guesses. If a result is below this value, it is treated as Plaintext." schema: type: string default: "0.20" # Include{containerConfig} # Include{serviceRoot} - variable: main label: "Main Service" description: "The Primary service on which the healthcheck runs, often the webUI" schema: additional_attrs: true type: dict attrs: # Include{serviceSelectorLoadBalancer} # Include{serviceSelectorExtras} - variable: main label: "Main Service Port Configuration" schema: additional_attrs: true type: dict attrs: - variable: port label: "Port" description: "This port exposes the container port on the service" schema: type: int default: 5000 required: true # Include{advancedPortTCP} - variable: targetPort label: "Target Port" description: "The internal(!) port on the container the Application runs on" schema: type: int default: 5000 # Include{serviceExpertRoot} default: false # Include{serviceExpert} # Include{serviceList} # Include{persistenceRoot} - variable: data label: "data Storage" description: "Container Path appdata" schema: additional_attrs: true type: dict attrs: # Include{persistenceBasic} # Include{persistenceAdvanced} # Include{persistenceList} # Include{ingressRoot} - variable: main label: "Main Ingress" schema: additional_attrs: true type: dict attrs: # Include{ingressDefault} # Include{ingressTLS} # Include{ingressTraefik} # Include{ingressExpert} # Include{ingressList} # Include{security} # Include{securityContextAdvancedRoot} - variable: privileged label: "Privileged mode" schema: type: boolean default: false - variable: readOnlyRootFilesystem label: "ReadOnly Root Filesystem" schema: type: boolean default: false - variable: allowPrivilegeEscalation label: "Allow Privilege Escalation" schema: type: boolean default: false - variable: runAsNonRoot label: "runAsNonRoot" schema: type: boolean default: false # Include{securityContextAdvanced} # Include{podSecurityContextRoot} - variable: runAsUser label: "runAsUser" description: "The UserID of the user running the application" schema: type: int default: 0 - variable: runAsGroup label: "runAsGroup" description: The groupID this App of the user running the application" schema: type: int default: 0 - variable: fsGroup label: "fsGroup" description: "The group that should own ALL storage." schema: type: int default: 568 # Include{podSecurityContextAdvanced} # Include{resources} # Include{advanced} # Include{addons} # Include{documentation}