# Include{groups} questions: # Include{global} # Include{workload} # Include{workloadDeployment} # Include{replicas1} # Include{podSpec} # Include{containerMain} # Include{containerBasic} # Include{containerAdvanced} # Include{containerConfig} # Include{podOptions} - variable: tfaAppOptions group: App Configuration label: Application Options schema: type: dict attrs: - variable: secret label: Secret description: Mandatory, can be any string. schema: type: string required: true private: true - variable: port label: Port schema: type: int default: 4181 - variable: logLevel label: Log level schema: type: string default: warn enum: - value: trace description: Trace (most detailed) - value: debug description: Debug - value: info description: Information - value: warn description: Warning - value: error description: Error - value: fatal description: Fatal - value: panic description: Panic (least detailed) - variable: logFormat label: Log format schema: type: string default: text enum: - value: text description: Text - value: json description: JSON - value: pretty description: Pretty - variable: tfaAuthOptions group: App Configuration label: Auth Options schema: type: dict attrs: - variable: authHost label: Auth host description: Single host to use when returning from 3rd party auth. schema: type: string - variable: urlPath label: Callback URL Path schema: type: string default: "/_oauth" - variable: defaultAction label: Default action schema: type: string default: auth enum: - value: auth description: Authenticate - value: allow description: Allow (do not require authentication) - variable: defaultProvider label: Default provider schema: type: string default: google enum: - value: google description: Google Provider - value: oidc description: OIDC Provider - value: generic-oauth description: Generic OAuth2 Provider - variable: domain label: Domains description: Only allow given email domains. schema: type: list default: [] items: - variable: allowedDomain label: Host schema: type: string required: true - variable: whitelist label: Whitelist description: Only allow given email addresses. schema: type: list default: [] items: - variable: allowedEmail label: Host schema: type: string required: true - variable: rules label: Rules description: Additional rules in rule..= format. schema: type: list default: [] items: - variable: rule label: Rule schema: type: string required: true - variable: logoutRedirect label: Logout redirect description: URL to redirect to following logout. schema: type: string - variable: tfaCookieOptions group: App Configuration label: Cookie Options schema: type: dict attrs: - variable: cookieDomain label: Cookie domain hosts schema: type: list default: [] items: - variable: cookieDomainHost label: Host schema: type: string required: true - variable: cookieName label: Cookie name schema: type: string default: "_forward_auth" - variable: csrfCookieName label: CSRF cookie name schema: type: string default: "_forward_auth_csrf" - variable: lifetime label: Lifetime description: Lifetime in seconds. schema: type: int default: 43200 - variable: insecureCookie label: Use insecure cookies schema: type: boolean default: false - variable: tfaGoogleOptions group: App Configuration label: Google Provider schema: type: dict attrs: - variable: clientId label: Client ID schema: type: string private: true - variable: clientSecret label: Client Secret schema: type: string private: true - variable: prompt label: Prompt description: Space separated list of OpenID prompt options. schema: type: string - variable: tfaOidcOptions group: App Configuration label: OIDC Provider schema: type: dict attrs: - variable: issuerUrl label: Issuer URL schema: type: string - variable: clientId label: Client ID schema: type: string private: true - variable: clientSecret label: Client Secret schema: type: string private: true - variable: resource label: Resource description: Optional resource indicator. schema: type: string - variable: tfaOauthOptions group: App Configuration label: Generic OAuth2 Provider schema: type: dict attrs: - variable: authUrl label: Auth/Login URL schema: type: string - variable: tokenUrl label: Token URL schema: type: string - variable: userUrl label: User URL description: URL used to retrieve user info. schema: type: string - variable: clientId label: Client ID schema: type: string private: true - variable: clientSecret label: Client Secret schema: type: string private: true - variable: scopes label: Scopes schema: type: string default: profile, email - variable: tokenStyle label: Token style description: How token is presented when querying the User URL schema: type: string default: header enum: - value: header description: Header - value: query description: Query - variable: resource label: Resource description: Optional resource indicator. schema: type: string # Include{serviceRoot} # Include{serviceMain} # Include{serviceSelectorLoadBalancer} # Include{serviceSelectorExtras} - variable: main label: "Main Service Port Configuration" schema: additional_attrs: true type: dict attrs: - variable: port label: "Port" description: "This port exposes the container port on the service" schema: type: int default: 4181 required: true # Include{externalInterfaces} # Include{serviceList} # Include{persistenceList} # Include{ingressRoot} - variable: main label: "Main Ingress" schema: additional_attrs: true type: dict attrs: # Include{ingressDefault} # Include{ingressAdvanced} # Include{ingressList} # Include{securityContextRoot} - variable: runAsUser label: "runAsUser" description: "The UserID of the user running the application" schema: type: int default: 568 - variable: runAsGroup label: "runAsGroup" description: "The groupID of the user running the application" schema: type: int default: 568 # Include{securityContextContainer} # Include{securityContextAdvanced} # Include{securityContextPod} - variable: fsGroup label: "fsGroup" description: "The group that should own ALL storage." schema: type: int default: 568 # Include{resources} # Include{advanced} # Include{addons} # Include{codeserver} # Include{netshoot} # Include{vpn} # Include{documentation}