# Include{groups} portals: open: protocols: - "$kubernetes-resource_configmap_portal_protocol" host: - "$kubernetes-resource_configmap_portal_host" ports: - "$kubernetes-resource_configmap_portal_port" questions: - variable: portal group: "Container Image" label: "Configure Portal Button" schema: type: dict hidden: true attrs: - variable: enabled label: "Enable" description: "enable the portal button" schema: hidden: true editable: false type: boolean default: true # Include{global} - variable: controller group: "Controller" label: "" schema: additional_attrs: true type: dict attrs: - variable: advanced label: "Show Advanced Controller Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: type description: "Please specify type of workload to deploy" label: "(Advanced) Controller Type" schema: type: string default: "deployment" required: true enum: - value: "deployment" description: "Deployment" - value: "statefulset" description: "Statefulset" - value: "daemonset" description: "Daemonset" - variable: replicas description: "Number of desired pod replicas" label: "Desired Replicas" schema: type: int default: 1 required: true - variable: strategy description: "Please specify type of workload to deploy" label: "(Advanced) Update Strategy" schema: type: string default: "Recreate" required: true enum: - value: "Recreate" description: "Recreate: Kill existing pods before creating new ones" - value: "RollingUpdate" description: "RollingUpdate: Create new pods and then kill old ones" - value: "OnDelete" description: "(Legacy) OnDelete: ignore .spec.template changes" # Include{controllerExpert} - variable: env group: "Container Configuration" label: "Image Environment" schema: additional_attrs: true type: dict attrs: - variable: APP_URL label: "APP_URL" description: "This is the url to your application, beginning with http:// or https:// (if you're running Snipe-IT over SSL). This should not have a trailing slash." schema: type: string default: "" required: true - variable: APP_FORCE_TLS label: "APP_FORCE_TLS" description: "Force use of HTTPS" schema: type: boolean default: false - variable: APP_TRUSTED_PROXIES label: "APP_TRUSTED_PROXIES" description: "APP_TRUSTED_PROXIES" schema: type: string default: "172.16.0.0/16" required: true - variable: APP_LOCALE label: "APP_LOCALE" description: "Set this to reflect the two-letter or 5-letter abbreviation for the language you'd like to use for Snipe-IT" schema: type: string default: "en" required: true enum: - value: "en" description: "English (US)" - value: "en-GB" description: "English (UK)" - value: "af" description: "Afrikaans" - value: "ar" description: "Arabic" - value: "bg" description: "Bulgarian" - value: "zh-CN" description: "Chinese Simplified" - value: "zh-TW" description: "Chinese Traditional" - value: "hr" description: "Croatian" - value: "cs" description: "Czech" - value: "da" description: "Danish" - value: "nl" description: "Dutch" - value: "et" description: "Estonian" - value: "fi" description: "Finnish" - value: "fr" description: "French" - value: "de" description: "German" - value: "el" description: "Greek" - value: "he" description: "Hebrew" - value: "hu" description: "Hungarian" - value: "id" description: "Indonesian" - value: "en-ID" description: "English, Indonesia" - value: "ga-IE" description: "Irish" - value: "it" description: "Italian" - value: "ja" description: "Japanese" - value: "ko" description: "Korean" - value: "lv" description: "Latvian" - value: "lt" description: "Lithuanian" - value: "ms" description: "Malay" - value: "mi" description: "Maori" - value: "mn" description: "Mongolian" - value: "no" description: "Norwegian" - value: "fa" description: "Persian" - value: "pl" description: "Polish" - value: "pt-PT" description: "Portuguese" - value: "pt-BR" description: "Portuguese, Brazilian" - value: "ro" description: "Romanian" - value: "ru" description: "Russian" - value: "es-ES" description: "Spanish" - value: "es-CO" description: "Spanish, Colombia" - value: "sv-SE" description: "Swedish" - value: "ta" description: "Tamil" - value: "tr" description: "Turkish" - value: "vi" description: "Vietnamese" - value: "zu" description: "Zulu" - variable: IMAGE_LIB label: "IMAGE_LIB" description: "GD Library or Imagemagick are required to generate barcodes for Snipe-IT" schema: type: string default: "gd" required: true enum: - value: "gd" description: "GD Library" - value: "imagick" description: "ImageMagick" - variable: sessionsettings label: "Session Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: SESSION_LIFETIME label: "SESSION_LIFETIME" description: "Specify the time in minutes that the session should remain valid." schema: type: int default: 30 required: true - variable: EXPIRE_ON_CLOSE label: "EXPIRE_ON_CLOSE" description: "Specify whether or not the logged in session should be expired when the user closes their browser window." schema: type: boolean default: false - variable: ENCRYPT label: "ENCRYPT" description: "Specify whether you wish to use encrypted cookies for your Snipe-IT sessions." schema: type: boolean default: false - variable: COOKIE_NAME label: "COOKIE_NAME" description: "If you are running multiple Snipe-IT installs, you should probably set this to a unique name for each one so that your browser doesn't get sessions confused." schema: type: string default: "snipeit_session" required: true - variable: COOKIE_DOMAIN label: "COOKIE_DOMAIN" description: "Specify what domain name Snipe-IT should honor cookies from.should be set to whatever the domain name is of your Snipe-IT installation if you choose to use it." schema: type: string default: "" - variable: SECURE_COOKIES label: "SECURE_COOKIES" description: "By setting this option to true, session cookies will only be sent back to the server if the browser has a HTTPS connection." schema: type: boolean default: false - variable: API_TOKEN_EXPIRATION_YEARS label: "API_TOKEN_EXPIRATION_YEARS" description: "This sets how long the API tokens should be valid for." schema: type: int default: 40 required: true - variable: loginsettings label: "Login Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: LOGIN_MAX_ATTEMPTS label: "LOGIN_MAX_ATTEMPTS" description: "The maximum number of failed attempts allowed before the user is throttled." schema: type: int default: 5 required: true - variable: LOGIN_LOCKOUT_DURATION label: "LOGIN_LOCKOUT_DURATION" description: " The duration (in seconds) that the user should be blocked from attempting to authenticate again." schema: type: int default: 60 required: true - variable: miscsettings label: "Misc Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: ALLOW_IFRAMING label: "ALLOW_IFRAMING" description: "Set this to true if you need to run Snipe-IT within an iframe." schema: type: boolean default: false - variable: APP_ALLOW_INSECURE_HOSTS label: "APP_ALLOW_INSECURE_HOSTS" description: "Set this to this to true ONLY if you if you can’t make your APP_URL match the actual URL of your application, and your hosting environment is secure and not accessible to the outside world." schema: type: boolean default: false - variable: GOOGLE_MAPS_API label: "GOOGLE_MAPS_API" description: "Include your Google Maps API key here if you'd like Snipe-IT to load maps from Google on your locations and suppliers pages." schema: type: string default: "" - variable: LDAP_MEM_LIM label: "LDAP_MEM_LIM" description: "Memory limit for LDAP execution" schema: type: string default: "500M" required: true - variable: LDAP_TIME_LIM label: "LDAP_TIME_LIM" description: "Time limit for LDAP execution" schema: type: int default: 600 required: true - variable: API_THROTTLE_PER_MINUTE label: "API_THROTTLE_PER_MINUTE" description: "Number of requests to allow per minute." schema: type: int default: 120 required: true - variable: ENABLE_HSTS label: "ENABLE_HSTS" description: "HSTS is a web security policy mechanism that helps to protect websites against man-in-the-middle attacks such as protocol downgrade attacks and cookie hijacking." schema: type: boolean default: false - variable: ENABLE_CSP label: "ENABLE_CSP" description: "Disable the content security policy that restricts what scripts, images and styles can load." schema: type: boolean default: false - variable: CORS_ALLOWED_ORIGINS label: "CORS_ALLOWED_ORIGINS" schema: type: string default: "null" - variable: REFERRER_POLICY label: "REFERRER_POLICY" description: "This is an additional security header that browsers use to determine whether they should report back URL referrer information." schema: type: string default: "same-origin" - variable: mailsettings label: "Mail Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: MAIL_DRIVER label: "MAIL_DRIVER" description: "Specify the driver you would like to use." schema: type: string default: "log" enum: - value: "log" description: "log" - value: "smtp" description: "smtp" - value: "mail" description: "mail" - value: "sendmail" description: "sendmail" - variable: MAIL_HOST label: "MAIL_HOST" description: "Specify the hostname for your outgoing mail server. Keep in mind that this server must be accessible from the server you're running Snipe-IT on." schema: type: string default: "" - variable: MAIL_PORT label: "MAIL_PORT" description: "Set the port number that your mail server expects to send from." schema: type: int default: 587 - variable: MAIL_USERNAME label: "MAIL_USERNAME" description: "Set the username of the authenticated user you'll be sending email as." schema: type: string default: "" - variable: MAIL_PASSWORD label: "MAIL_PASSWORD" description: "Set the password for the authenticated user you'll be sending as." schema: type: string default: "" private: true - variable: MAIL_ENCRYPTION label: "MAIL_ENCRYPTION" description: "Here you may specify the encryption protocol that should be used when the application sends e-mail messages." schema: type: string default: "null" enum: - value: "null" description: "null" - value: "tls" description: "tls" - value: "ssl" description: "ssl" - variable: MAIL_FROM_ADDR label: "MAIL_FROM_ADDR" description: "Specify an email address that is used globally for all e-mails that are sent by your application." schema: type: string default: "" - variable: MAIL_FROM_NAME label: "MAIL_FROM_NAME" description: "Specify the name that should show up in the recipient's inbox when they receive email from your Snipe-IT instance." schema: type: string default: "" - variable: MAIL_REPLYTO_ADDR label: "MAIL_REPLYTO_ADDR" description: " Specify the address that should be the reply:to on emails from your Snipe-IT instance. This can be the same as your MAIL_FROM_ADDR, but it is required." schema: type: string default: "" - variable: MAIL_REPLYTO_NAME label: "MAIL_REPLYTO_NAME" description: "Specify the name that should be the reply:to on emails from your Snipe-IT instance. This can be the same as your MAIL_FROM_NAME , but it is required." schema: type: string default: "" - variable: MAIL_AUTO_EMBED label: "MAIL_AUTO_EMBED" description: "Whether or not to embed images in emails (via CID or base64) versus linking to them." schema: type: boolean default: true - variable: MAIL_AUTO_EMBED_METHOD label: "MAIL_AUTO_EMBED_METHOD" description: "Method that should be used for attaching inline images. Options are attachment (for CID) or base64." schema: type: string default: "base64" enum: - value: "base64" description: "base64" - value: "attachment" description: "attachment" - variable: publicawssettings label: "Public AWS S3 Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: PUBLIC_AWS_SECRET_ACCESS_KEY label: "PUBLIC_AWS_SECRET_ACCESS_KEY" schema: type: string default: "" private: true - variable: PUBLIC_AWS_ACCESS_KEY_ID label: "PUBLIC_AWS_ACCESS_KEY_ID" schema: type: string default: "" private: true - variable: PUBLIC_AWS_DEFAULT_REGION label: "PUBLIC_AWS_DEFAULT_REGION" schema: type: string default: "" - variable: PUBLIC_AWS_BUCKET label: "PUBLIC_AWS_BUCKET" schema: type: string default: "" - variable: PUBLIC_AWS_URL label: "PUBLIC_AWS_URL" schema: type: string default: "" - variable: PUBLIC_AWS_BUCKET_ROOT label: "PUBLIC_AWS_BUCKET_ROOT" schema: type: string default: "" - variable: privateawssettings label: "Private AWS S3 Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: PRIVATE_AWS_SECRET_ACCESS_KEY label: "PRIVATE_AWS_SECRET_ACCESS_KEY" schema: type: string default: "" private: true - variable: PRIVATE_AWS_ACCESS_KEY_ID label: "PRIVATE_AWS_ACCESS_KEY_ID" schema: type: string default: "" private: true - variable: PRIVATE_AWS_DEFAULT_REGION label: "PRIVATE_AWS_DEFAULT_REGION" schema: type: string default: "" - variable: PRIVATE_AWS_BUCKET label: "PRIVATE_AWS_BUCKET" schema: type: string default: "" - variable: PRIVATE_AWS_URL label: "PRIVATE_AWS_URL" schema: type: string default: "" - variable: PRIVATE_AWS_BUCKET_ROOT label: "PRIVATE_AWS_BUCKET_ROOT" schema: type: string default: "" - variable: loggingsettings label: "Logging Settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: LOG label: "LOG" description: "Whether to use a single log file, or multiple date-based log files for your app error logs." schema: type: string default: "daily" required: true enum: - value: "single" description: "Single File" - value: "daily" description: "Daily Files" - variable: APP_LOG_MAX_FILES label: "APP_LOG_MAX_FILES" description: "Max number of daily app log files to retain." schema: type: int default: 10 required: true - variable: APP_DEBUG label: "APP_DEBUG" description: "Enables App Debug." schema: type: boolean default: false - variable: APP_LOG_LEVEL label: "APP_LOG_LEVEL" description: "Laravel will log all levels greater than or equal to the specified severity." schema: type: string default: "error" required: true enum: - value: "debug" description: "debug" - value: "info" description: "info" - value: "notice" description: "notice" - value: "warning" description: "warning" - value: "error" description: "error" - value: "critical" description: "critical" - value: "alert" description: "alert" - value: "emergency" description: "emergency" # Include{containerConfig} - variable: service group: "Networking and Services" label: "Configure Service(s)" schema: additional_attrs: true type: dict attrs: - variable: main label: "Main Service" description: "The Primary service on which the healthcheck runs, often the webUI" schema: additional_attrs: true type: dict attrs: # Include{serviceSelector} - variable: main label: "Main Service Port Configuration" schema: additional_attrs: true type: dict attrs: - variable: port label: "Port" description: "This port exposes the container port on the service" schema: type: int default: 10120 required: true - variable: advanced label: "Show Advanced settings" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: enabled label: "Enable the port" schema: type: boolean default: true - variable: protocol label: "Port Type" schema: type: string default: "HTTP" enum: - value: HTTP description: "HTTP" - value: "HTTPS" description: "HTTPS" - value: TCP description: "TCP" - value: "UDP" description: "UDP" - variable: nodePort label: "Node Port (Optional)" description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer" schema: type: int min: 9000 max: 65535 - variable: targetPort label: "Target Port" description: "The internal(!) port on the container the Application runs on" schema: type: int default: 80 - variable: serviceexpert group: "Networking and Services" label: "Show Expert Config" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: hostNetwork group: "Networking and Services" label: "Host-Networking (Complicated)" schema: type: boolean default: false # Include{serviceExpert} # Include{serviceList} - variable: persistence label: "Integrated Persistent Storage" description: "Integrated Persistent Storage" group: "Storage and Persistence" schema: additional_attrs: true type: dict attrs: - variable: data label: "App Data Storage" description: "Stores the Application Data." schema: additional_attrs: true type: dict attrs: # Include{persistenceBasic} # Include{persistenceAdvanced} - variable: logs label: "App Logs Storage" description: "Stores the Application Logs." schema: additional_attrs: true type: dict attrs: # Include{persistenceBasic} # Include{persistenceAdvanced} - variable: backups label: "App Backups Storage" description: "Stores the Application Backups." schema: additional_attrs: true type: dict attrs: # Include{persistenceBasic} # Include{persistenceAdvanced} # Include{persistenceList} - variable: ingress label: "" group: "Ingress" schema: additional_attrs: true type: dict attrs: - variable: main label: "Main Ingress" schema: additional_attrs: true type: dict attrs: # Include{ingressDefault} # Include{ingressTLS} # Include{ingressTraefik} # Include{ingressExpert} # Include{ingressList} # Include{security} - variable: advancedSecurity label: "Show Advanced Security Settings" group: "Security and Permissions" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: securityContext label: "Security Context" schema: additional_attrs: true type: dict attrs: - variable: privileged label: "Privileged mode" schema: type: boolean default: false - variable: readOnlyRootFilesystem label: "ReadOnly Root Filesystem" schema: type: boolean default: false - variable: allowPrivilegeEscalation label: "Allow Privilege Escalation" schema: type: boolean default: false - variable: runAsNonRoot label: "runAsNonRoot" schema: type: boolean default: false # Include{securityContextAdvanced} - variable: podSecurityContext group: "Security and Permissions" label: "Pod Security Context" schema: additional_attrs: true type: dict attrs: - variable: runAsUser label: "runAsUser" description: "The UserID of the user running the application" schema: type: int default: 0 - variable: runAsGroup label: "runAsGroup" description: "The groupID this App of the user running the application" schema: type: int default: 1000 - variable: fsGroup label: "fsGroup" description: "The group that should own ALL storage." schema: type: int default: 50 # Include{podSecurityContextAdvanced} # Include{resources} # Include{advanced} # Include{addons}