# Include{groups} portals: open: # Include{portalLink} questions: # Include{global} # Include{controller} # Include{controllerDeployment} # Include{replicas} # Include{replica1} # Include{strategy} # Include{recreate} # Include{controllerExpert} # Include{controllerExpertExtraArgs} # Include{containerConfig} - variable: synapse group: "Container Configuration" label: "Synapse Configuration" schema: additional_attrs: true type: dict attrs: - variable: loadCustomConfig label: "Load Custom Config" description: "Load custom config located in /data/custom.yaml" schema: type: boolean default: false - variable: matrix group: "Container Configuration" label: "Matrix Configuration" schema: additional_attrs: true type: dict attrs: - variable: disabled label: "Disable Server Globally" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: disabledMessage label: "Disabled Message" schema: type: string default: "" - variable: serverName label: "Server Name" schema: type: string default: "example.com" - variable: hostname label: "Hostname" schema: type: string default: "matrix.example.com" - variable: clientBaseUrl label: Client Base URL # Assigned to `client_base_url` formerly called `riot_base_url` description: | Custom URL for links within email notifications. If not set links will be based on https://matrix.to schema: type: string default: "" - variable: presence label: "Presence" schema: type: boolean default: true - variable: blockNonAdminInvites label: "Block Non Admin Invites" schema: type: boolean default: false - variable: search label: "Search" schema: type: boolean default: true - variable: encryptByDefault label: "Encrypt By Default" schema: type: string default: "invite" enum: - value: "off" description: "off" - value: "invite" description: "invite" - value: "all" description: "all" - variable: adminEmail label: "Admin Email" schema: type: string default: "admin@example.com" - variable: uploads label: "Uploads Configuration" schema: additional_attrs: true type: dict attrs: - variable: maxSize label: "Max Size" schema: type: string default: "10M" - variable: maxPixels label: "Max Pixels" schema: type: string default: "32M" - variable: urlPreviews label: "URL Previews Configuration" schema: additional_attrs: true type: dict attrs: - variable: enabled label: "Enable URL Previews" schema: type: boolean default: false - variable: federation label: "Federation Configuration" schema: additional_attrs: true type: dict attrs: - variable: enabled label: "Enable Federation" schema: type: boolean default: true - variable: allowPublicRooms label: "Allow Public Rooms" schema: type: boolean default: true # TODO: whitelist: # TODO: blacklist: - variable: registration label: "Registration Configuration" # Enabling captcha instead of mail is also an option but currently only # mail is configurable. description: | Enable registration. If enabled requires this will require enabling and configuring mail for SMTP. schema: additional_attrs: true type: dict attrs: - variable: enabled label: "Enable Registration" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: requiresToken label: "Requires Token" description: "Require users to submit a token during registration." schema: type: boolean default: true - variable: require3PID label: "Third Party ID" description: "The 3rd party IDs required during registration. (All selected will be required)" schema: type: list default: [] items: - variable: medium label: "Medium" schema: type: string default: "email" enum: - value: "email" description: "Email" - value: "msisdn" description: "MSISDN" - variable: enable3PIDLookup label: "Lookup Third Party ID" schema: type: boolean default: true - variable: disableMSISDNRegistration label: "Disable MSISDN Registration" description: "Override requirement for MSISDN during registration" schema: type: boolean default: false - variable: allowedLocal3PIDs label: "Allowed Local Third Party IDs" description: "Restrict 3PID to specific patterns" schema: type: list default: [] items: - variable: allowed label: "Allowed Third Party ID" schema: type: dict attrs: - variable: medium label: "Medium" schema: type: string required: true default: "email" enum: - value: "email" description: "Email" - value: "msisdn" description: "MSISDN" - variable: pattern label: "Pattern" description: "Regular expression to match against" schema: type: string default: "" required: true - variable: sharedSecret label: "Shared Secret" description: | If set, allows registration of standard or admin accounts by anyone who has the shared secret, even if registration is otherwise disabled schema: type: string default: "" private: true required: true # TODO: required3PIDs # TODO: autoJoinRooms - variable: security label: "Security Configuration" schema: additional_attrs: true type: dict attrs: - variable: surpressKeyServerWarning label: "Surpress Key Server Warning" schema: type: boolean default: true - variable: trustedKeyServers label: "Trusted Key Servers" schema: type: list default: [] items: - variable: trustedKeyServersEntry label: Trusted Key Servers Entry schema: additional_attrs: true type: dict attrs: - variable: serverName label: "Server Name" schema: type: string default: "" - variable: verifyKeys label: "Verify Keys" schema: additional_attrs: true type: dict attrs: - variable: id label: "id" schema: type: string default: "" - variable: key label: "key" schema: type: string default: "" private: true - variable: acceptKeysInsecurely label: "Accept Keys Insecurely" schema: type: boolean default: false - variable: logging group: "Container Configuration" label: "Logging Configuration" schema: additional_attrs: true type: dict attrs: # TODO: Find the log levels and make the enum's - variable: rootLogLevel label: "Root Log Level" schema: type: string default: "WARNING" - variable: sqlLogLevel label: "Root Log Level" schema: type: string default: "WARNING" - variable: sqlLogLevel label: "Root Log Level" schema: type: string default: "WARNING" - variable: mail group: "Container Configuration" label: "Mail Configuration" schema: additional_attrs: true type: dict attrs: - variable: enabled label: "Enable Mail" schema: type: boolean default: false show_subquestions_if: true subquestions: - variable: from label: "From: " schema: type: string default: "Matrix " - variable: host label: "Host" schema: type: string default: "" - variable: port label: "Port" schema: type: int default: 25 - variable: username label: "Username" schema: type: string default: "" - variable: password label: "Password" schema: type: string default: "" private: true - variable: requireTransportSecurity label: "Require Transport Security" schema: type: boolean default: true - variable: coturn group: "Container Configuration" label: "Coturn Configuration" schema: additional_attrs: true type: dict attrs: - variable: enabled label: "Enable Coturn" schema: type: boolean default: false # Include{serviceRoot} - variable: main label: "Main Service" description: "The Primary service on which the healthcheck runs, often the webUI" schema: additional_attrs: true type: dict attrs: # Include{serviceSelectorLoadBalancer} # Include{serviceSelectorExtras} - variable: main label: "Main Service Port Configuration" schema: additional_attrs: true type: dict attrs: - variable: port label: "Port" description: "This port exposes the container port on the service" schema: type: int default: 8008 required: true # Include{advancedPortHTTP} - variable: targetPort label: "Target Port" description: "The internal(!) port on the container the Application runs on" schema: type: int default: 8008 - variable: federation label: "federation Service" description: "The federation service" schema: additional_attrs: true type: dict attrs: # Include{serviceSelectorLoadBalancer} # Include{serviceSelectorExtras} - variable: federation label: "federation Service Port Configuration" schema: additional_attrs: true type: dict attrs: - variable: port label: "Port" description: "This port exposes the container port on the service" schema: type: int default: 8448 required: true # Include{advancedPortHTTP} - variable: targetPort label: "Target Port" description: "The internal(!) port on the container the Application runs on" schema: type: int default: 8008 # Include{serviceExpertRoot} default: false # Include{serviceExpert} # Include{serviceList} # Include{persistenceRoot} - variable: key label: "App Key Storage" description: "Stores the Application Key." schema: additional_attrs: true type: dict attrs: # Include{persistenceBasic} # Include{persistenceAdvanced} - variable: media label: "App Media Storage" description: "Stores the Application Media." schema: additional_attrs: true type: dict attrs: # Include{persistenceBasic} # Include{persistenceAdvanced} - variable: uploads label: "App Upload Storage" description: "Stores the Application Upload." schema: additional_attrs: true type: dict attrs: # Include{persistenceBasic} # Include{persistenceAdvanced} # Include{persistenceList} # Include{ingressRoot} - variable: main label: "Main Ingress" schema: additional_attrs: true type: dict attrs: # Include{ingressDefault} # Include{ingressTLS} # Include{ingressTraefik} # Include{ingressExpert} # Include{ingressList} # Include{security} # Include{securityContextAdvancedRoot} - variable: privileged label: "Privileged mode" schema: type: boolean default: false - variable: readOnlyRootFilesystem label: "ReadOnly Root Filesystem" schema: type: boolean default: true - variable: allowPrivilegeEscalation label: "Allow Privilege Escalation" schema: type: boolean default: true - variable: runAsNonRoot label: "runAsNonRoot" schema: type: boolean default: true # Include{securityContextAdvanced} # Include{podSecurityContextRoot} - variable: runAsUser label: "runAsUser" description: "The UserID of the user running the application" schema: type: int default: 568 - variable: runAsGroup label: "runAsGroup" description: "The groupID this App of the user running the application" schema: type: int default: 568 - variable: fsGroup label: "fsGroup" description: "The group that should own ALL storage." schema: type: int default: 568 # Include{podSecurityContextAdvanced} # Include{resources} # Include{advanced} # Include{addons} # Include{codeserver} # Include{promtail} # Include{netshoot} # Include{vpn} # Include{documentation}