# Include{groups} portals: open: # Include{portalLink} questions: # Include{global} # Include{controller} # Include{controllerDeployment} # Include{replicas} # Include{replica1} # Include{strategy} # Include{recreate} # Include{controllerExpert} # Include{controllerExpertExtraArgs} - variable: cherry group: Container Configuration label: Cherry Configuration schema: additional_attrs: true type: dict attrs: - variable: insecure_cookie label: Insecure Cookie schema: type: boolean default: false - variable: public_registration label: Public Registration schema: type: boolean default: true - variable: page_bookmark_limit label: Page Bookmark Limit schema: type: int default: 60 - variable: google_oauth_uri label: Google OAuth URI schema: type: string default: "" - variable: google_oauth_id label: Google OAuth ID schema: type: string private: true default: "" - variable: google_oauth_secret label: Google OAuth Secret schema: type: string private: true default: "" # Include{containerConfig} # Include{serviceRoot} - variable: main label: Main Service description: The Primary service on which the healthcheck runs, often the webUI schema: additional_attrs: true type: dict attrs: # Include{serviceSelectorLoadBalancer} # Include{serviceSelectorExtras} - variable: main label: Main Service Port Configuration schema: additional_attrs: true type: dict attrs: - variable: port label: Port description: This port exposes the container port on the service schema: type: int default: 10303 required: true # Include{advancedPortHTTP} - variable: targetPort label: Target Port description: The internal(!) port on the container the Application runs on schema: type: int default: 8000 # Include{serviceExpertRoot} default: false # Include{serviceExpert} # Include{serviceList} # Include{persistenceRoot} - variable: data label: App Data Storage description: Stores the Application Data. schema: additional_attrs: true type: dict attrs: # Include{persistenceBasic} # Include{persistenceAdvanced} # Include{persistenceList} # Include{ingressRoot} - variable: main label: Main Ingress schema: additional_attrs: true type: dict attrs: # Include{ingressDefault} # Include{ingressTLS} # Include{ingressTraefik} # Include{ingressExpert} # Include{ingressList} # Include{security} # Include{securityContextAdvancedRoot} - variable: privileged label: Privileged mode schema: type: boolean default: false - variable: readOnlyRootFilesystem label: ReadOnly Root Filesystem schema: type: boolean default: false - variable: allowPrivilegeEscalation label: Allow Privilege Escalation schema: type: boolean default: false - variable: runAsNonRoot label: runAsNonRoot schema: type: boolean default: false # Include{securityContextAdvanced} # Include{podSecurityContextRoot} - variable: runAsUser label: runAsUser description: The UserID of the user running the application schema: type: int default: 0 - variable: runAsGroup label: runAsGroup description: The groupID this App of the user running the application schema: type: int default: 0 - variable: fsGroup label: fsGroup description: The group that should own ALL storage. schema: type: int default: 568 # Include{podSecurityContextAdvanced} # Include{resources} # Include{advanced} # Include{addons} # Include{codeserver} # Include{promtail} # Include{netshoot} # Include{vpn} # Include{documentation}