# Include{groups} portals: open: # Include{portalLink} questions: # Include{global} # Include{controller} # Include{controllerDeployment} # Include{replicas} # Include{replica1} # Include{strategy} # Include{recreate} # Include{controllerExpert} # Include{controllerExpertExtraArgs} - variable: blocky group: Container Configuration label: Blocky Configuration schema: additional_attrs: true type: dict attrs: - variable: enableWebUI label: Enable Web UI description: Enables Web UI schema: type: boolean default: true - variable: enablePrometheus label: Enable Prometheus Endpoint description: Enables Prometheus Endpoint schema: type: boolean default: true - variable: overrideDefaults group: Container Configuration label: Override Default Upstreams description: Overrides the predefined DNS server upstream list schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: defaultUpstreams label: Default Upstreams schema: type: list default: [] items: - variable: upstreamEntry label: Upstream Entry schema: type: string required: true default: "" - variable: upstreams group: Container Configuration label: Upstreams Groups description: schema: type: list default: [] items: - variable: upstreamsGroupEntry label: Upstreams Group Entry schema: additional_attrs: true type: dict attrs: - variable: name label: Group Name schema: type: string required: true default: "" - variable: upstreams label: Upstreams schema: type: list required: true default: [] items: - variable: upstreamEntry label: upstream Entry schema: type: string required: true default: "" - variable: conditional group: Container Configuration label: Conditional schema: additional_attrs: true type: dict attrs: - variable: rewrite label: Rewrite schema: type: list default: [] items: - variable: rewriteEntry label: Rewrite Entry schema: type: dict additional_attrs: true attrs: - variable: in label: In schema: type: string required: true default: "" - variable: out label: Out schema: type: string required: true default: "" - variable: mapping label: Mapping schema: type: list default: [] items: - variable: mappingEntry label: Mapping Entry schema: type: dict additional_attrs: true attrs: - variable: domain label: Domain schema: type: string required: true default: "" - variable: dnsserver label: DNS Server schema: type: string required: true default: "" - variable: blocking group: Container Configuration label: Blocking schema: additional_attrs: true type: dict attrs: - variable: blockType label: Block Type description: Set the response should be sent to the client, if a requested query is blocked schema: type: string default: nxDomain - variable: blockTTL label: Block TTL description: Set the TTL for answers to blocked domains schema: type: string default: 6h - variable: refreshPeriod label: Refresh Period description: Set how often blocky should refresh list cache schema: type: string default: 4h - variable: downloadTimeout label: Download Timeout description: Download attempt timeout schema: type: string default: 60s - variable: downloadAttempts label: Download Attempts description: How many download attempts should be performed schema: type: int default: 3 - variable: downloadCooldown label: Download Cooldown description: Time between the download attempts schema: type: string default: 2s - variable: failStartOnListError label: Fail Start on List Error description: Fail to start if at least one list can't be downloaded or opened schema: type: boolean default: false - variable: processingConcurrency label: Processing Concurrency description: Sets how many list-groups can be processed at the same time schema: type: int default: 4 - variable: whitelist label: Whitelist description: Define whitelists, either URL or file schema: type: list default: [] items: - variable: whitelistEntry label: Whitelist Group Entry schema: additional_attrs: true type: dict attrs: - variable: name label: Group Name schema: type: string required: true default: "" - variable: lists label: Lists schema: type: list required: true default: [] items: - variable: listEntry label: List Entry schema: type: string required: true default: "" - variable: blacklist label: Blacklist description: Define blacklists, either URL or file schema: type: list default: [] items: - variable: blacklistEntry label: Blacklist Group Entry schema: additional_attrs: true type: dict attrs: - variable: name label: Group Name schema: type: string required: true default: "" - variable: lists label: Lists schema: type: list required: true default: [] items: - variable: listEntry label: List Entry schema: type: string required: true default: "" - variable: clientGroupsBlock label: Client Groups Block description: Define, which blocking group(s) should be used for which client in your network. schema: type: list default: [] items: - variable: clientGroupBlockEntry label: Client Group Block Entry schema: additional_attrs: true type: dict attrs: - variable: name label: Client Group Name schema: type: string required: true default: "" - variable: groups label: Groups schema: type: list required: true default: [] items: - variable: groupEntry label: Group Entry schema: type: string required: true default: "" - variable: k8sgateway group: Container Configuration label: k8s-Gateway Configuration schema: additional_attrs: true type: dict attrs: - variable: enabled label: Enable k8s-Gateway description: Enables k8s-Gateway schema: type: boolean default: true show_subquestions_if: true subquestions: - variable: domains label: Domains description: Please refer to CoreDNS docs for options schema: type: list default: [] items: - variable: domainEntry label: "" schema: additional_attrs: true type: dict attrs: - variable: domain label: Domain name schema: type: string required: true default: example.com - variable: dnsChallenge label: Forward dnsChallenge description: Optional configuration option for DNS01 challenge that will redirect all acme schema: additional_attrs: true type: dict attrs: - variable: enabled label: Enable schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: domain label: Forward to Domain schema: type: string required: true default: dns01.clouddns.com - variable: advancedOptions label: Advanced Options schema: type: boolean default: false show_if: [["enabled", "=", "true"]] show_subquestions_if: true subquestions: - variable: ttl label: ttl description: TTL for non-apex responses (in seconds) schema: type: int default: 300 - variable: watchedResources label: Watched Resources description: imit what kind of resources to watch, e.g. Ingress schema: type: list default: [] items: - variable: watchedResource label: Watched Resource schema: type: string default: "" - variable: secondary label: Secondary DNS Server Service description: Service name of a secondary DNS server (should be serviceName.namespace) schema: type: string default: "" - variable: apex label: Apex description: Override the default `serviceName.namespace` domain apex schema: type: string default: "" # Include{containerConfig} # Include{serviceRoot} - variable: main label: Main Service description: The Primary service on which the healthcheck runs, often the webUI schema: additional_attrs: true type: dict attrs: # Include{serviceSelectorLoadBalancer} # Include{serviceSelectorExtras} - variable: main label: Main Service Port Configuration schema: additional_attrs: true type: dict attrs: - variable: port label: Port description: This port exposes the container port on the service schema: type: int default: 10315 required: true # Include{advancedPortHTTP} - variable: targetPort label: Target Port description: The internal(!) port on the container the Application runs on schema: type: int default: 80 - variable: dns-tcp label: DNS TCP Service description: The DNS TCP service schema: additional_attrs: true type: dict attrs: # Include{serviceSelectorLoadBalancer} # Include{serviceSelectorExtras} - variable: dns-tcp label: DNS TCP Port Configuration schema: additional_attrs: true type: dict attrs: - variable: port label: Port description: This port exposes the container port on the service schema: type: int default: 53 required: true # Include{advancedPortTCP} - variable: targetPort label: Target Port description: The internal(!) port on the container the Application runs on schema: type: int default: 53 - variable: dns-udp label: DNS UDP Service description: The DNS UDP service schema: additional_attrs: true type: dict attrs: # Include{serviceSelectorLoadBalancer} # Include{serviceSelectorExtras} - variable: dns-udp label: DNS UDP Port Configuration schema: additional_attrs: true type: dict attrs: - variable: port label: Port description: This port exposes the container port on the service schema: type: int default: 53 required: true # Include{advancedPortUDP} - variable: targetPort label: Target Port description: The internal(!) port on the container the Application runs on schema: type: int default: 53 - variable: dot label: DoT Service description: "DNS-over-TLS service" schema: additional_attrs: true type: dict attrs: # Include{serviceSelectorClusterIP} # Include{serviceSelectorExtras} - variable: dot label: DoT Port Configuration schema: additional_attrs: true type: dict attrs: - variable: port label: Port description: This port exposes the container port on the service schema: type: int default: 853 required: true # Include{advancedPortUDP} - variable: targetPort label: Target Port description: The internal(!) port on the container the Application runs on schema: type: int default: 853 - variable: http label: HTTP and Metrics Service description: "service for things like metrics, pprof, API, DoH etc" schema: additional_attrs: true type: dict attrs: # Include{serviceSelectorClusterIP} # Include{serviceSelectorExtras} - variable: http label: HTTP and Metrics Port Configuration schema: additional_attrs: true type: dict attrs: - variable: port label: Port description: This port exposes the container port on the service schema: type: int default: 4000 required: true # Include{advancedPortUDP} - variable: targetPort label: Target Port description: The internal(!) port on the container the Application runs on schema: type: int default: 4000 # Include{serviceExpertRoot} default: false # Include{serviceExpert} # Include{serviceList} # Include{persistenceList} # Include{ingressRoot} - variable: main label: Main Ingress schema: additional_attrs: true type: dict attrs: # Include{ingressDefault} # Include{ingressTLS} # Include{ingressTraefik} # Include{ingressExpert} # Include{ingressList} # Include{security} # Include{securityContextAdvancedRoot} - variable: privileged label: Privileged mode schema: type: boolean default: false - variable: readOnlyRootFilesystem label: ReadOnly Root Filesystem schema: type: boolean default: true - variable: allowPrivilegeEscalation label: Allow Privilege Escalation schema: type: boolean default: false - variable: runAsNonRoot label: runAsNonRoot schema: type: boolean default: true # Include{securityContextAdvanced} # Include{podSecurityContextRoot} - variable: runAsUser label: runAsUser description: The UserID of the user running the application schema: type: int default: 568 - variable: runAsGroup label: runAsGroup description: The groupID this App of the user running the application schema: type: int default: 568 - variable: fsGroup label: fsGroup description: The group that should own ALL storage. schema: type: int default: 568 # Include{podSecurityContextAdvanced} # Include{resources} # Include{advanced} # Include{addons} # Include{documentation}