# Include{groups} portals: open: protocols: - "$kubernetes-resource_configmap_portal_protocol" host: - "$kubernetes-resource_configmap_portal_host" ports: - "$kubernetes-resource_configmap_portal_port" questions: - variable: portal group: "Container Image" label: "Configure Portal Button" schema: type: dict hidden: true attrs: - variable: enabled label: "Enable" description: "enable the portal button" schema: hidden: true editable: false type: boolean default: true # Include{global} - variable: controller group: "Controller" label: "" schema: additional_attrs: true type: dict attrs: - variable: advanced label: "Show Advanced Controller Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: type description: "Please specify type of workload to deploy" label: "(Advanced) Controller Type" schema: type: string default: "deployment" required: true enum: - value: "deployment" description: "Deployment" - value: "statefulset" description: "Statefulset" - value: "daemonset" description: "Daemonset" - variable: replicas description: "Number of desired pod replicas" label: "Desired Replicas" schema: type: int default: 1 required: true - variable: strategy description: "Please specify type of workload to deploy" label: "(Advanced) Update Strategy" schema: type: string default: "Recreate" required: true enum: - value: "Recreate" description: "Recreate: Kill existing pods before creating new ones" - value: "RollingUpdate" description: "RollingUpdate: Create new pods and then kill old ones" - value: "OnDelete" description: "(Legacy) OnDelete: ignore .spec.template changes" # Include{controllerExpert} - variable: env group: "Container Configuration" label: "Image Environment" schema: additional_attrs: true type: dict attrs: - variable: ROOT_URL label: "ROOT_URL" schema: type: string default: "" required: true - variable: BROWSER_POLICY_ENABLED label: "BROWSER_POLICY_ENABLED" description: "Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside." schema: type: boolean default: false - variable: TRUSTED_URL label: "TRUSTED_URL" description: "When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside." schema: type: string default: "" - variable: logoutenabled label: "Logout/Login Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: LOGOUT_WITH_TIMER label: "LOGOUT_WITH_TIMER" schema: type: boolean default: false - variable: LOGOUT_IN label: "LOGOUT_IN (Days)" schema: type: int default: 0 - variable: LOGOUT_ON_HOURS label: "LOGOUT_ON_HOURS" schema: type: int default: 0 - variable: LOGOUT_ON_MINUTES label: "LOGOUT_ON_MINUTES" schema: type: int default: 0 - variable: ACCOUNTS_COMMON_LOGIN_EXPIRATION_IN_DAYS label: "ACCOUNTS_COMMON_LOGIN_EXPIRATION_IN_DAYS" schema: type: int default: 90 - variable: passwordnabled label: "Password Brute Force Protection Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE label: "ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE" schema: type: int default: 3 - variable: ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD label: "ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD" schema: type: int default: 60 - variable: ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW label: "ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW" schema: type: int default: 15 - variable: ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE label: "ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE" schema: type: int default: 3 - variable: ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD label: "ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD" schema: type: int default: 60 - variable: ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW label: "ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW" schema: type: int default: 15 - variable: imagenabled label: "Image Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: MAX_IMAGE_PIXEL label: "MAX_IMAGE_PIXEL" schema: type: int default: 1024 - variable: IMAGE_COMPRESS_RATIO label: "IMAGE_COMPRESS_RATIO" schema: type: int default: 80 - variable: mailenabled label: "Mail Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: MAIL_URL label: "MAIL_URL" schema: type: string default: "" - variable: MAIL_SERVICE_USER label: "MAIL_SERVICE_USER" schema: type: string default: "" - variable: MAIL_SERVICE_PASSWORD label: "MAIL_SERVICE_PASSWORD" schema: type: string private: true default: "" - variable: MAIL_SERVICE label: "MAIL_SERVICE" schema: type: string default: "" - variable: notificationsenabled label: "Notifications Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: BIGEVENTS_PATTERN label: "BIGEVENTS_PATTERN" schema: type: string default: "NONE" - variable: NOTIFICATION_TRAY_AFTER_READ_DAYS_BEFORE_REMOVE label: "NOTIFICATION_TRAY_AFTER_READ_DAYS_BEFORE_REMOVE" description: "Number of days after a notification is read before we remove it." schema: type: int default: 90 - variable: EMAIL_NOTIFICATION_TIMEOUT label: "EMAIL_NOTIFICATION_TIMEOUT" schema: type: int default: 30000 - variable: NOTIFY_DUE_DAYS_BEFORE_AND_AFTER label: "NOTIFY_DUE_DAYS_BEFORE_AND_AFTER" description: "Notify due days, default is None, 2 days before and on the event day" schema: type: string default: "2,0" - variable: NOTIFY_DUE_AT_HOUR_OF_DAY label: "NOTIFY_DUE_AT_HOUR_OF_DAY" description: "Notify due at hour of day." schema: type: int default: 8 - variable: personalizationenabled label: "UX Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: RESULTS_PER_PAGE label: "RESULTS_PER_PAGE" schema: type: int default: 20 required: true - variable: RICHER_CARD_COMMENT_EDITOR label: "RICHER_CARD_COMMENT_EDITOR" schema: type: boolean default: false - variable: CARD_OPENED_WEBHOOK_ENABLED label: "CARD_OPENED_WEBHOOK_ENABLED" schema: type: boolean default: false - variable: PASSWORD_LOGIN_ENABLED label: "PASSWORD_LOGIN_ENABLED" schema: type: boolean default: false - variable: WAIT_SPINNER label: "WAIT_SPINNER" description: "Sets the Wait Spinner animation" schema: type: string default: "Bounce" enum: - value: "Bounce" description: "Bounce" - value: "Cube" description: "Cube" - value: "Cube-Grid" description: "Cube-Grid" - value: "Dot" description: "Dot" - value: "Double-Bounce" description: "Double-Bounce" - value: "Rotateplane" description: "Rotateplane" - value: "Scaleout" description: "Scaleout" - value: "Wave" description: "Wave" - variable: backendenabled label: "Backend Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: WITH_API label: "WITH_API" schema: type: boolean default: true - variable: WEBHOOKS_ATTRIBUTES label: "WEBHOOKS_ATTRIBUTES" description: "What to send to Outgoing Webhook." schema: type: string default: "cardId,listId,oldListId,boardId,comment,user,card,commentId,swimlaneId,customerField,customFieldValue" - variable: corsenabled label: "CORS Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: CORS label: "CORS" schema: type: string default: "*" - variable: CORS_ALLOW_HEADERS label: "CORS_ALLOW_HEADERS" schema: type: string default: "Authorization,Content-Type" - variable: CORS_EXPOSE_HEADERS label: "CORS_EXPOSE_HEADERS" schema: type: string default: "*" - variable: matomoenabled label: "Matomo Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: MATOMO_ADDRESS label: "MATOMO_ADDRESS" description: "The address of the server where Matomo is hosted." schema: type: string default: "" - variable: MATOMO_SITE_ID label: "MATOMO_SITE_ID" description: "The value of the site ID given in Matomo server for Wekan." schema: type: int default: 1 - variable: MATOMO_DO_NOT_TRACK label: "MATOMO_DO_NOT_TRACK" description: "The option do not track which enables users to not be tracked by matomo." schema: type: boolean default: true - variable: MATOMO_WITH_USERNAME label: "MATOMO_WITH_USERNAME" description: "The option that allows matomo to retrieve the username." schema: type: boolean default: true - variable: ORACLE_OIM_ENABLED label: "ORACLE_OIM_ENABLED" description: "OAUTH2 ORACLE on premise identity manager OIM" schema: type: boolean default: false - variable: oatuhncenabled label: "OAUTH2 Nextcloud Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: OAUTH2_ENABLED label: "OAUTH2_ENABLED" schema: type: boolean default: false - variable: OAUTH2_LOGIN_STYLE label: "OAUTH2_LOGIN_STYLE" description: "OAuth2 login style: popup or redirect." schema: type: string default: "redirect" enum: - value: "redirect" description: "redirect" - value: "popup" description: "popup" - variable: OAUTH2_CLIENT_ID label: "OAUTH2_CLIENT_ID" description: "Application GUID captured during app registration" schema: type: string default: "" - variable: OAUTH2_SECRET label: "OAUTH2_SECRET" description: "Secret key generated during app registration" schema: type: string default: "" - variable: OAUTH2_SERVER_URL label: "OAUTH2_SERVER_URL" schema: type: string default: "" - variable: OAUTH2_AUTH_ENDPOINT label: "OAUTH2_AUTH_ENDPOINT" schema: type: string default: "" - variable: OAUTH2_USERINFO_ENDPOINT label: "OAUTH2_USERINFO_ENDPOINT" schema: type: string default: "" - variable: OAUTH2_TOKEN_ENDPOINT label: "OAUTH2_TOKEN_ENDPOINT" schema: type: string default: "" - variable: OAUTH2_ID_MAP label: "OAUTH2_ID_MAP" description: "The claim name you want to map to the unique ID field." schema: type: string default: "" - variable: OAUTH2_USERNAME_MAP label: "OAUTH2_USERNAME_MAP" description: "The claim name you want to map to the username field." schema: type: string default: "" - variable: OAUTH2_FULLNAME_MAP label: "OAUTH2_FULLNAME_MAP" description: "The claim name you want to map to the full name field." schema: type: string default: "" - variable: OAUTH2_EMAIL_MAP label: "OAUTH2_EMAIL_MAP" description: "The claim name you want to map to the email field." schema: type: string default: "" - variable: oatuhkeycloackenabled label: "OAUTH2 Keycloack Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: OAUTH2_ENABLED label: "OAUTH2_ENABLED" schema: type: boolean default: false - variable: OAUTH2_LOGIN_STYLE label: "OAUTH2_LOGIN_STYLE" description: "OAuth2 login style: popup or redirect." schema: type: string default: "redirect" enum: - value: "redirect" description: "redirect" - value: "popup" description: "popup" - variable: OAUTH2_CLIENT_ID label: "OAUTH2_CLIENT_ID" description: "Application GUID captured during app registration" schema: type: string default: "" - variable: OAUTH2_SECRET label: "OAUTH2_SECRET" description: "Secret key generated during app registration" schema: type: string default: "" - variable: OAUTH2_SERVER_URL label: "OAUTH2_SERVER_URL" schema: type: string default: "" - variable: OAUTH2_AUTH_ENDPOINT label: "OAUTH2_AUTH_ENDPOINT" schema: type: string default: "" - variable: OAUTH2_USERINFO_ENDPOINT label: "OAUTH2_USERINFO_ENDPOINT" schema: type: string default: "" - variable: OAUTH2_TOKEN_ENDPOINT label: "OAUTH2_TOKEN_ENDPOINT" schema: type: string default: "" - variable: oatuhdoorkeeperenabled label: "OAUTH2 Doorkeeper Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: OAUTH2_ENABLED label: "OAUTH2_ENABLED" schema: type: boolean default: false - variable: OAUTH2_LOGIN_STYLE label: "OAUTH2_LOGIN_STYLE" description: "OAuth2 login style: popup or redirect." schema: type: string default: "redirect" enum: - value: "redirect" description: "redirect" - value: "popup" description: "popup" - variable: OAUTH2_CLIENT_ID label: "OAUTH2_CLIENT_ID" description: "Application GUID captured during app registration" schema: type: string default: "" - variable: OAUTH2_SECRET label: "OAUTH2_SECRET" description: "Secret key generated during app registration" schema: type: string default: "" - variable: OAUTH2_SERVER_URL label: "OAUTH2_SERVER_URL" schema: type: string default: "" - variable: OAUTH2_AUTH_ENDPOINT label: "OAUTH2_AUTH_ENDPOINT" schema: type: string default: "" - variable: OAUTH2_USERINFO_ENDPOINT label: "OAUTH2_USERINFO_ENDPOINT" schema: type: string default: "" - variable: OAUTH2_TOKEN_ENDPOINT label: "OAUTH2_TOKEN_ENDPOINT" schema: type: string default: "" - variable: OAUTH2_ID_TOKEN_WHITELIST_FIELDS label: "OAUTH2_ID_TOKEN_WHITELIST_FIELDS" schema: type: string default: "" - variable: OAUTH2_REQUEST_PERMISSIONS label: "OAUTH2_REQUEST_PERMISSIONS" description: "The claim name you want to map to the unique ID field." schema: type: string default: "" - variable: OAUTH2_ID_MAP label: "OAUTH2_ID_MAP" description: "The claim name you want to map to the unique ID field." schema: type: string default: "" - variable: OAUTH2_USERNAME_MAP label: "OAUTH2_USERNAME_MAP" description: "The claim name you want to map to the username field." schema: type: string default: "" - variable: OAUTH2_FULLNAME_MAP label: "OAUTH2_FULLNAME_MAP" description: "The claim name you want to map to the full name field." schema: type: string default: "" - variable: OAUTH2_EMAIL_MAP label: "OAUTH2_EMAIL_MAP" description: "The claim name you want to map to the email field." schema: type: string default: "" - variable: oatuhazureenabled label: "OAUTH2 Azure Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: OAUTH2_ENABLED label: "OAUTH2_ENABLED" schema: type: boolean default: false - variable: OAUTH2_CA_CERT label: "OAUTH2_CA_CERT" schema: type: string private: true default: "" - variable: OAUTH2_ADFS_ENABLED label: "OAUTH2_ADFS_ENABLED" schema: type: boolean default: false - variable: OAUTH2_LOGIN_STYLE label: "OAUTH2_LOGIN_STYLE" description: "OAuth2 login style: popup or redirect." schema: type: string default: "redirect" enum: - value: "redirect" description: "redirect" - value: "popup" description: "popup" - variable: OAUTH2_CLIENT_ID label: "OAUTH2_CLIENT_ID" description: "Application GUID captured during app registration" schema: type: string default: "" - variable: OAUTH2_SECRET label: "OAUTH2_SECRET" description: "Secret key generated during app registration" schema: type: string default: "" - variable: OAUTH2_SERVER_URL label: "OAUTH2_SERVER_URL" schema: type: string default: "" - variable: OAUTH2_AUTH_ENDPOINT label: "OAUTH2_AUTH_ENDPOINT" schema: type: string default: "" - variable: OAUTH2_USERINFO_ENDPOINT label: "OAUTH2_USERINFO_ENDPOINT" schema: type: string default: "" - variable: OAUTH2_TOKEN_ENDPOINT label: "OAUTH2_TOKEN_ENDPOINT" schema: type: string default: "" - variable: OAUTH2_ID_MAP label: "OAUTH2_ID_MAP" description: "The claim name you want to map to the unique ID field." schema: type: string default: "" - variable: OAUTH2_USERNAME_MAP label: "OAUTH2_USERNAME_MAP" description: "The claim name you want to map to the username field." schema: type: string default: "" - variable: OAUTH2_FULLNAME_MAP label: "OAUTH2_FULLNAME_MAP" description: "The claim name you want to map to the full name field." schema: type: string default: "" - variable: OAUTH2_EMAIL_MAP label: "OAUTH2_EMAIL_MAP" description: "The claim name you want to map to the email field." schema: type: string default: "" - variable: ldapenabled label: "LDAP Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: LDAP_ENABLE label: "LDAP_ENABLE" schema: type: boolean default: false - variable: DEFAULT_AUTHENTICATION_METHOD label: "DEFAULT_AUTHENTICATION_METHOD" schema: type: string default: "ldap" - variable: LDAP_PORT label: "LDAP_PORT" schema: type: int default: 389 - variable: LDAP_HOST label: "LDAP_HOST" schema: type: string default: "" - variable: LDAP_AD_SIMPLE_AUTH label: "LDAP_AD_SIMPLE_AUTH" schema: type: boolean default: false - variable: LDAP_USER_AUTHENTICATION label: "LDAP_USER_AUTHENTICATION" schema: type: boolean default: false - variable: LDAP_USER_AUTHENTICATION_FIELD label: "LDAP_USER_AUTHENTICATION_FIELD" schema: type: string default: "uid" - variable: LDAP_DEFAULT_DOMAIN label: "LDAP_DEFAULT_DOMAIN" schema: type: string default: "" - variable: LDAP_BASEDN label: "LDAP_BASEDN" schema: type: string default: "" - variable: LDAP_LOGIN_FALLBACK label: "LDAP_LOGIN_FALLBACK" schema: type: boolean default: false - variable: LDAP_RECONNECT label: "LDAP_RECONNECT" schema: type: boolean default: true - variable: LDAP_TIMEOUT label: "LDAP_TIMEOUT" schema: type: int default: 10000 - variable: LDAP_IDLE_TIMEOUT label: "LDAP_IDLE_TIMEOUT" schema: type: int default: 10000 - variable: LDAP_CONNECT_TIMEOUT label: "LDAP_CONNECT_TIMEOUT" schema: type: int default: 10000 - variable: LDAP_AUTHENTIFICATION label: "LDAP_AUTHENTIFICATION" schema: type: boolean default: true - variable: LDAP_AUTHENTIFICATION_USERDN label: "LDAP_AUTHENTIFICATION_USERDN" schema: type: string default: "" - variable: LDAP_AUTHENTIFICATION_PASSWORD label: "LDAP_AUTHENTIFICATION_PASSWORD" schema: type: string private: true default: "" - variable: LDAP_LOG_ENABLED label: "LDAP_LOG_ENABLED" schema: type: boolean default: true - variable: LDAP_BACKGROUND_SYNC label: "LDAP_BACKGROUND_SYNC" schema: type: boolean default: true - variable: LDAP_BACKGROUND_SYNC_INTERVAL label: "LDAP_BACKGROUND_SYNC_INTERVAL" schema: type: string default: "every 1 hour" - variable: LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED label: "LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED" schema: type: boolean default: false - variable: LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS label: "LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS" schema: type: boolean default: false - variable: LDAP_ENCRYPTION label: "LDAP_ENCRYPTION" schema: type: string default: "false" - variable: LDAP_CA_CERT label: "LDAP_CA_CERT" schema: type: string private: true default: "" - variable: LDAP_REJECT_UNAUTHORIZED label: "LDAP_REJECT_UNAUTHORIZED" schema: type: boolean default: false - variable: LDAP_USER_SEARCH_FILTER label: "LDAP_USER_SEARCH_FILTER" schema: type: string default: "" - variable: LDAP_USER_SEARCH_SCOPE label: "LDAP_USER_SEARCH_SCOPE" schema: type: string default: "one" enum: - value: "one" description: "one" - value: "base" description: "base" - value: "sub" description: "sub" - variable: LDAP_USER_SEARCH_FIELD label: "LDAP_USER_SEARCH_FIELD" schema: type: string default: "" - variable: LDAP_SEARCH_PAGE_SIZE label: "LDAP_SEARCH_PAGE_SIZE" schema: type: int default: 0 - variable: LDAP_SEARCH_SIZE_LIMIT label: "LDAP_SEARCH_SIZE_LIMIT" schema: type: int default: 0 - variable: LDAP_GROUP_FILTER_ENABLE label: "LDAP_GROUP_FILTER_ENABLE" schema: type: boolean default: false - variable: LDAP_GROUP_FILTER_OBJECTCLASS label: "LDAP_GROUP_FILTER_OBJECTCLASS" schema: type: string default: "" - variable: LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE label: "LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE" schema: type: string default: "" - variable: LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE label: "LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE" schema: type: string default: "" - variable: LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT label: "LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT" schema: type: string default: "" - variable: LDAP_GROUP_FILTER_GROUP_NAME label: "LDAP_GROUP_FILTER_GROUP_NAME" schema: type: string default: "" - variable: LDAP_UNIQUE_IDENTIFIER_FIELD label: "LDAP_UNIQUE_IDENTIFIER_FIELD" schema: type: string default: "" - variable: LDAP_UTF8_NAMES_SLUGIFY label: "LDAP_UTF8_NAMES_SLUGIFY" schema: type: boolean default: true - variable: LDAP_USERNAME_FIELD label: "LDAP_USERNAME_FIELD" schema: type: string default: "" - variable: LDAP_FULLNAME_FIELD label: "LDAP_FULLNAME_FIELD" schema: type: string default: "fullname" - variable: LDAP_MERGE_EXISTING_USERS label: "LDAP_MERGE_EXISTING_USERS" schema: type: boolean default: false - variable: LDAP_EMAIL_MATCH_ENABLE label: "LDAP_EMAIL_MATCH_ENABLE" schema: type: boolean default: true - variable: LDAP_EMAIL_MATCH_REQUIRE label: "LDAP_EMAIL_MATCH_REQUIRE" schema: type: boolean default: true - variable: LDAP_EMAIL_MATCH_VERIFIED label: "LDAP_EMAIL_MATCH_VERIFIED" schema: type: boolean default: true - variable: LDAP_EMAIL_FIELD label: "LDAP_EMAIL_FIELD" schema: type: string default: "mail" - variable: LDAP_SYNC_USER_DATA label: "LDAP_SYNC_USER_DATA" schema: type: boolean default: false - variable: LDAP_SYNC_USER_DATA_FIELDMAP label: "LDAP_SYNC_USER_DATA_FIELDMAP" schema: type: string default: "" - variable: LDAP_SYNC_GROUP_ROLES label: "LDAP_SYNC_GROUP_ROLES" schema: type: string default: "" - variable: LDAP_SYNC_ADMIN_STATUS label: "LDAP_SYNC_ADMIN_STATUS" schema: type: boolean default: true - variable: LDAP_SYNC_ADMIN_GROUPS label: "LDAP_SYNC_ADMIN_GROUPS" schema: type: string default: "" - variable: headerenabled label: "LDAP Header Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: HEADER_LOGIN_ID label: "HEADER_LOGIN_ID" schema: type: string default: "" - variable: HEADER_LOGIN_FIRSTNAME label: "HEADER_LOGIN_FIRSTNAME" schema: type: string default: "" - variable: HEADER_LOGIN_LASTNAME label: "HEADER_LOGIN_LASTNAME" schema: type: string default: "" - variable: HEADER_LOGIN_EMAIL label: "HEADER_LOGIN_EMAIL" schema: type: string default: "" - variable: casenabled label: "CAS Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: CAS_ENABLED label: "CAS_ENABLED" schema: type: boolean default: false - variable: CAS_BASE_URL label: "CAS_BASE_URL" schema: type: string default: "" - variable: CAS_LOGIN_URL label: "CAS_LOGIN_URL" schema: type: string default: "" - variable: CAS_VALIDATE_URL label: "CAS_VALIDATE_URL" schema: type: string default: "" - variable: samlenabled label: "SAML Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: SAML_ENABLED label: "SAML_ENABLED" schema: type: boolean default: false - variable: SAML_PROVIDER label: "SAML_PROVIDER" schema: type: string default: "" - variable: SAML_ENTRYPOINT label: "SAML_ENTRYPOINT" schema: type: string default: "" - variable: SAML_ISSUER label: "SAML_ISSUER" schema: type: string default: "" - variable: SAML_CERT label: "SAML_CERT" schema: type: string private: true default: "" - variable: SAML_IDPSLO_REDIRECTURL label: "SAML_IDPSLO_REDIRECTURL" schema: type: string default: "" - variable: SAML_PRIVATE_KEYFILE label: "SAML_PRIVATE_KEYFILE" schema: type: string default: "" - variable: SAML_PUBLIC_CERTFILE label: "SAML_PUBLIC_CERTFILE" schema: type: string default: "" - variable: SAML_IDENTIFIER_FORMAT label: "SAML_IDENTIFIER_FORMAT" schema: type: string default: "" - variable: SAML_LOCAL_PROFILE_MATCH_ATTRIBUTE label: "SAML_LOCAL_PROFILE_MATCH_ATTRIBUTE" schema: type: string default: "" - variable: SAML_ATTRIBUTES label: "SAML_ATTRIBUTES" schema: type: string default: "" # Include{containerConfig} - variable: service group: "Networking and Services" label: "Configure Service(s)" schema: additional_attrs: true type: dict attrs: - variable: main label: "Main Service" description: "The Primary service on which the healthcheck runs, often the webUI" schema: additional_attrs: true type: dict attrs: # Include{serviceSelector} - variable: main label: "Main Service Port Configuration" schema: additional_attrs: true type: dict attrs: - variable: port label: "Port" description: "This port exposes the container port on the service" schema: type: int default: 10192 required: true - variable: advanced label: "Show Advanced settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: protocol label: "Port Type" schema: type: string default: "HTTP" enum: - value: HTTP description: "HTTP" - value: "HTTPS" description: "HTTPS" - value: TCP description: "TCP" - value: "UDP" description: "UDP" - variable: nodePort label: "Node Port (Optional)" description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer" schema: type: int min: 9000 max: 65535 - variable: targetPort label: "Target Port" description: "The internal(!) port on the container the Application runs on" schema: type: int default: 8080 - variable: serviceexpert group: "Networking and Services" label: "Show Expert Config" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: hostNetwork group: "Networking and Services" label: "Host-Networking (Complicated)" schema: type: boolean default: false # Include{serviceExpert} # Include{serviceList} - variable: persistence label: "Integrated Persistent Storage" description: "Integrated Persistent Storage" group: "Storage and Persistence" schema: additional_attrs: true type: dict attrs: - variable: data label: "App Data Storage" description: "Stores the Application Data." schema: additional_attrs: true type: dict attrs: - variable: type label: "Type of Storage" description: "Sets the persistence type, Anything other than PVC could break rollback!" schema: type: string default: "simplePVC" enum: - value: "simplePVC" description: "PVC (simple)" - value: "simpleHP" description: "HostPath (simple)" - value: "emptyDir" description: "emptyDir" - value: "pvc" description: "pvc" - value: "hostPath" description: "hostPath" # Include{persistenceBasic} - variable: hostPath label: "hostPath" description: "Path inside the container the storage is mounted" schema: show_if: [["type", "=", "hostPath"]] type: hostpath - variable: medium label: "EmptyDir Medium" schema: show_if: [["type", "=", "emptyDir"]] type: string default: "" enum: - value: "" description: "Default" - value: "Memory" description: "Memory" # Include{persistenceAdvanced} # Include{persistenceList} - variable: ingress label: "" group: "Ingress" schema: additional_attrs: true type: dict attrs: - variable: main label: "Main Ingress" schema: additional_attrs: true type: dict attrs: # Include{ingressDefault} # Include{ingressTLS} # Include{ingressTraefik} # Include{ingressExpert} # Include{ingressList} # Include{security} - variable: advancedSecurity label: "Show Advanced Security Settings" group: "Security and Permissions" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: securityContext label: "Security Context" schema: additional_attrs: true type: dict attrs: - variable: privileged label: "Privileged mode" schema: type: boolean default: false - variable: readOnlyRootFilesystem label: "ReadOnly Root Filesystem" schema: type: boolean default: true - variable: allowPrivilegeEscalation label: "Allow Privilege Escalation" schema: type: boolean default: false - variable: runAsNonRoot label: "runAsNonRoot" schema: type: boolean default: true # Include{securityContextAdvanced} - variable: podSecurityContext group: "Security and Permissions" label: "Pod Security Context" schema: additional_attrs: true type: dict attrs: - variable: runAsUser label: "runAsUser" description: "The UserID of the user running the application" schema: type: int default: 568 - variable: runAsGroup label: "runAsGroup" description: "The groupID this App of the user running the application" schema: type: int default: 568 - variable: fsGroup label: "fsGroup" description: "The group that should own ALL storage." schema: type: int default: 568 # Include{podSecurityContextAdvanced} # Include{resources} # Include{advanced} # Include{addons}