# Include{groups} portals: open: protocols: - "$kubernetes-resource_configmap_portal_protocol" host: - "$kubernetes-resource_configmap_portal_host" ports: - "$kubernetes-resource_configmap_portal_port" questions: - variable: portal group: "Container Image" label: "Configure Portal Button" schema: type: dict hidden: true attrs: - variable: enabled label: "Enable" description: "enable the portal button" schema: hidden: true editable: false type: boolean default: true # Include{global} - variable: controller group: "Controller" label: "" schema: additional_attrs: true type: dict attrs: - variable: advanced label: "Show Advanced Controller Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: type description: "Please specify type of workload to deploy" label: "(Advanced) Controller Type" schema: type: string default: "deployment" required: true enum: - value: "deployment" description: "Deployment" - value: "statefulset" description: "Statefulset" - value: "daemonset" description: "Daemonset" - variable: replicas description: "Number of desired pod replicas" label: "Desired Replicas" schema: type: int default: 1 required: true - variable: strategy description: "Please specify type of workload to deploy" label: "(Advanced) Update Strategy" schema: type: string default: "Recreate" required: true enum: - value: "Recreate" description: "Recreate: Kill existing pods before creating new ones" - value: "RollingUpdate" description: "RollingUpdate: Create new pods and then kill old ones" - value: "OnDelete" description: "(Legacy) OnDelete: ignore .spec.template changes" # Include{controllerExpert} - variable: radicale group: Container Configuration label: Radicale Configuration schema: additional_attrs: true type: dict attrs: - variable: server label: Server Configuration schema: additional_attrs: true type: dict attrs: - variable: max_connections label: max_connections description: The maximum number of parallel connections. Set to 0 to disable the limit. schema: type: int default: 8 required: true - variable: max_content_length label: max_content_length description: The maximum size of the request body. (bytes) schema: type: int default: 100000000 required: true - variable: timeout label: timeout description: Socket timeout. (seconds) schema: type: int default: 30 required: true - variable: encoding label: Encoding Configuration schema: additional_attrs: true type: dict attrs: - variable: request label: request description: Encoding for responding requests. schema: type: string default: utf-8 required: true - variable: stock label: stock description: Encoding for storing local collections. schema: type: string default: utf-8 required: true - variable: auth label: Auth Configuration schema: additional_attrs: true type: dict attrs: - variable: type label: type description: The method to verify usernames and passwords. schema: type: string default: htpasswd required: true enum: - value: none description: none - value: htpasswd description: htpasswd - value: http_x_remote_user description: http_x_remote_user - variable: delay label: delay description: Average delay after failed login attempts in seconds. schema: type: int default: 1 required: true - variable: realm label: realm description: Message displayed in the client when a password is needed. schema: type: string default: Radicale - Password Required required: true - variable: users label: Basic Authentication Users (htpasswd) schema: type: list default: [] items: - variable: usersEntry label: "" schema: additional_attrs: true type: dict attrs: - variable: username label: "Username" schema: type: string required: true default: "" - variable: password label: "Password" schema: type: string required: true private: true default: "" - variable: rights label: Rights Configuration schema: additional_attrs: true type: dict attrs: - variable: type label: type description: The backend that is used to check the access rights of collections. schema: type: string default: owner_only required: true enum: - value: authenticated description: authenticated - value: owner_only description: owner_only - value: owner_write description: owner_write - variable: storage label: Storage Configuration schema: additional_attrs: true type: dict attrs: - variable: type label: type description: The backend that is used to store data. schema: type: string default: multifilesystem required: true enum: - value: multifilesystem description: multifilesystem - value: multifilesystem_nolock description: multifilesystem_nolock - variable: max_sync_token_age label: max_sync_token_age description: Delete sync token that are older (seconds) schema: type: int default: 2592000 required: true - variable: web label: Web Configuration schema: additional_attrs: true type: dict attrs: - variable: type label: type description: The backend that provides the web interface of Radicale. schema: type: string default: internal required: true enum: - value: none description: none - value: internal description: internal - variable: logging label: Logging Configuration schema: additional_attrs: true type: dict attrs: - variable: level label: level description: Set the logging level. schema: type: string default: warning required: true enum: - value: debug description: debug - value: info description: info - value: warning description: warning - value: error description: error - value: critical description: critical - variable: mask_passwords label: mask_passwords description: Don't include passwords in logs. schema: type: boolean default: true # Include{containerConfig} - variable: service group: "Networking and Services" label: "Configure Service(s)" schema: additional_attrs: true type: dict attrs: - variable: main label: "Main Service" description: "The Primary service on which the healthcheck runs, often the webUI" schema: additional_attrs: true type: dict attrs: # Include{serviceSelector} - variable: main label: "Main Service Port Configuration" schema: additional_attrs: true type: dict attrs: - variable: port label: "Port" description: "This port exposes the container port on the service" schema: type: int default: 10255 required: true - variable: advanced label: "Show Advanced settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: protocol label: "Port Type" schema: type: string default: "HTTP" enum: - value: HTTP description: "HTTP" - value: "HTTPS" description: "HTTPS" - value: TCP description: "TCP" - value: "UDP" description: "UDP" - variable: nodePort label: "Node Port (Optional)" description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer" schema: type: int min: 9000 max: 65535 - variable: targetPort label: "Target Port" description: "The internal(!) port on the container the Application runs on" schema: type: int default: 5232 - variable: serviceexpert group: "Networking and Services" label: "Show Expert Config" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: hostNetwork group: "Networking and Services" label: "Host-Networking (Complicated)" schema: type: boolean default: false # Include{serviceExpert} # Include{serviceList} - variable: persistence label: "Integrated Persistent Storage" description: "Integrated Persistent Storage" group: "Storage and Persistence" schema: additional_attrs: true type: dict attrs: - variable: data label: "App Data Storage" description: "Stores the Application Data." schema: additional_attrs: true type: dict attrs: # Include{persistenceBasic} # Include{persistenceAdvanced} # Include{persistenceList} - variable: ingress label: "" group: "Ingress" schema: additional_attrs: true type: dict attrs: - variable: main label: "Main Ingress" schema: additional_attrs: true type: dict attrs: # Include{ingressDefault} # Include{ingressTLS} # Include{ingressTraefik} # Include{ingressExpert} # Include{ingressList} # Include{security} - variable: advancedSecurity label: "Show Advanced Security Settings" group: "Security and Permissions" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: securityContext label: "Security Context" schema: additional_attrs: true type: dict attrs: - variable: privileged label: "Privileged mode" schema: type: boolean default: false - variable: readOnlyRootFilesystem label: "ReadOnly Root Filesystem" schema: type: boolean default: true - variable: allowPrivilegeEscalation label: "Allow Privilege Escalation" schema: type: boolean default: false - variable: runAsNonRoot label: "runAsNonRoot" schema: type: boolean default: true # Include{securityContextAdvanced} - variable: podSecurityContext group: "Security and Permissions" label: "Pod Security Context" schema: additional_attrs: true type: dict attrs: - variable: runAsUser label: "runAsUser" description: "The UserID of the user running the application" schema: type: int default: 2999 - variable: runAsGroup label: "runAsGroup" description: "The groupID this App of the user running the application" schema: type: int default: 2999 - variable: fsGroup label: "fsGroup" description: "The group that should own ALL storage." schema: type: int default: 2999 # Include{podSecurityContextAdvanced} # Include{resources} # Include{advanced} # Include{addons}