905 lines
30 KiB
YAML
905 lines
30 KiB
YAML
# Include{groups}
|
|
portals:
|
|
open:
|
|
protocols:
|
|
- "$kubernetes-resource_configmap_portal_protocol"
|
|
host:
|
|
- "$kubernetes-resource_configmap_portal_host"
|
|
ports:
|
|
- "$kubernetes-resource_configmap_portal_port"
|
|
path: "/guacamole"
|
|
questions:
|
|
- variable: portal
|
|
group: "Container Image"
|
|
label: "Configure Portal Button"
|
|
schema:
|
|
type: dict
|
|
hidden: true
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable"
|
|
description: "enable the portal button"
|
|
schema:
|
|
hidden: true
|
|
editable: false
|
|
type: boolean
|
|
default: true
|
|
# Include{global}
|
|
- variable: controller
|
|
group: "Controller"
|
|
label: ""
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: advanced
|
|
label: "Show Advanced Controller Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: type
|
|
description: "Please specify type of workload to deploy"
|
|
label: "(Advanced) Controller Type"
|
|
schema:
|
|
type: string
|
|
default: "deployment"
|
|
required: true
|
|
enum:
|
|
- value: "deployment"
|
|
description: "Deployment"
|
|
- value: "statefulset"
|
|
description: "Statefulset"
|
|
- value: "daemonset"
|
|
description: "Daemonset"
|
|
- variable: replicas
|
|
description: "Number of desired pod replicas"
|
|
label: "Desired Replicas"
|
|
schema:
|
|
type: int
|
|
default: 1
|
|
required: true
|
|
- variable: strategy
|
|
description: "Please specify type of workload to deploy"
|
|
label: "(Advanced) Update Strategy"
|
|
schema:
|
|
type: string
|
|
default: "Recreate"
|
|
required: true
|
|
enum:
|
|
- value: "Recreate"
|
|
description: "Recreate: Kill existing pods before creating new ones"
|
|
- value: "RollingUpdate"
|
|
description: "RollingUpdate: Create new pods and then kill old ones"
|
|
- value: "OnDelete"
|
|
description: "(Legacy) OnDelete: ignore .spec.template changes"
|
|
# Include{controllerExpert}
|
|
|
|
- variable: env
|
|
group: "Container Configuration"
|
|
label: "Image Environment"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: GUACD_HOSTNAME
|
|
label: "Guacd Hostname"
|
|
description: "The hostname of the guacd instance to use to establish remote desktop connections"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: GUACD_PORT
|
|
label: "Guacd Port"
|
|
description: "The port that Guacamole should use when connecting to guacd"
|
|
schema:
|
|
type: int
|
|
required: true
|
|
default: 4822
|
|
|
|
# Include{containerConfig}
|
|
- variable: general
|
|
group: "App Configuration"
|
|
label: "General Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: EXTENSION_PRIORITY
|
|
label: "Extension Priority (Leave blank for default)"
|
|
description: "A comma-separated list of the namespaces of all extensions that should be loaded in a specific order"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: api
|
|
group: "App Configuration"
|
|
label: "API Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: API_SESSION_TIMEOUT
|
|
label: "API Session Timeout (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: totp
|
|
group: "App Configuration"
|
|
label: "TOTP Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: TOTP_ENABLED
|
|
label: "Enable TOTP"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: TOTP_ISSUER
|
|
label: "TOTP Issuer (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: TOTP_PERIOD
|
|
label: "TOTP Period (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: TOTP_DIGITS
|
|
label: "TOTP Digits"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: "default"
|
|
- value: "6"
|
|
description: "6"
|
|
- value: "7"
|
|
description: "7"
|
|
- value: "8"
|
|
description: "8"
|
|
- variable: TOTP_MODE
|
|
label: "TOTP Mode"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: "default"
|
|
- value: "sha1"
|
|
description: "sha1"
|
|
- value: "sha256"
|
|
description: "sha256"
|
|
- value: "sha512"
|
|
description: "sha512"
|
|
- variable: header
|
|
group: "App Configuration"
|
|
label: "Header Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: HEADER_ENABLED
|
|
label: "Enable Header"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: HTTP_AUTH_HEADER
|
|
label: "HTTP Auth Header (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: json
|
|
group: "App Configuration"
|
|
label: "JSON Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: json_enabled
|
|
label: "Enable JSON"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: JSON_SECRET_KEY
|
|
label: "JSON Secret Key"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: JSON_TRUSTED_NETWORKS
|
|
label: "JSON Trusted Networks (Leave blank for unrestricted"
|
|
description: "Comma separated list e.g.: 127.0.0.0/8, 10.0.0.0/8"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: duo
|
|
group: "App Configuration"
|
|
label: "DUO Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: duo_enabled
|
|
label: "Enable DUO"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: DUO_API_HOSTNAME
|
|
label: "DUO API Hostname (api-XXXXXXXX.duosecurity.com)"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: DUO_INTEGRATION_KEY
|
|
label: "DUO Integration Key (Exactly 20 chars)"
|
|
schema:
|
|
min_length: 20
|
|
max_length: 20
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: DUO_SECRET_KEY
|
|
label: "DUO Secret Key (Exactly 40 chars)"
|
|
schema:
|
|
min_length: 40
|
|
max_length: 40
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: DUO_APPLICATION_KEY
|
|
label: "DUO Application Key (At least 40 chars)"
|
|
schema:
|
|
min_length: 40
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: cas
|
|
group: "App Configuration"
|
|
label: "CAS Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: cas_enabled
|
|
label: "Enable CAS"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: CAS_AUTHORIZATION_ENDPOINT
|
|
label: "CAS Authorization Endpoint"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: CAS_REDIRECT_URI
|
|
label: "CAS Redirect URI"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: CAS_CLEARPASS_KEY
|
|
label: "CAS Clearpass Key"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: CAS_GROUP_ATTRIBUTE
|
|
label: "CAS Group Attribute"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: CAS_GROUP_LDAP_BASE_DN
|
|
label: "CAS Group LDAP Base DN"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: CAS_GROUP_LDAP_ATTRIBUTE
|
|
label: "CAS Group LDAP Attribute"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: CAS_GROUP_FORMAT
|
|
label: "CAS Group Format"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: "default"
|
|
- value: "plain"
|
|
description: "plain"
|
|
- value: "ldap"
|
|
description: "ldap"
|
|
- variable: openid
|
|
group: "App Configuration"
|
|
label: "OpenID Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: openid_enabled
|
|
label: "Enable OpenID"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: OPENID_AUTHORIZATION_ENDPOINT
|
|
label: "OpenID Authorization Endpoint"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: OPENID_JWKS_ENDPOINT
|
|
label: "OpenID JWKS Endpoint"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: OPENID_ISSUER
|
|
label: "OpenID Issuer"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: OPENID_CLIENT_ID
|
|
label: "OpenID Client ID"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: OPENID_REDIRECT_URI
|
|
label: "OpenID Redirect URI"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: OPENID_USERNAME_CLAIM_TYPE
|
|
label: "OpenID Username Claim Type (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OPENID_GROUPS_CLAIM_TYPE
|
|
label: "OpenID Groups Claim Type (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OPENID_MAX_TOKEN_VALIDITY
|
|
label: "OpenID Max Token Validity (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: radius
|
|
group: "App Configuration"
|
|
label: "Radius Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: radius_enabled
|
|
label: "Enable Radius"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: RADIUS_SHARED_SECRET
|
|
label: "Radius Shared Secret"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: RADIUS_AUTH_PROTOCOL
|
|
label: "Radius Auth Protocol"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: "eap-tls"
|
|
enum:
|
|
- value: "pap"
|
|
description: "pap"
|
|
- value: "chap"
|
|
description: "chap"
|
|
- value: "mschapv1"
|
|
description: "mschapv1"
|
|
- value: "mschapv2"
|
|
description: "mschapv2"
|
|
- value: "eap-md5"
|
|
description: "eap-md5"
|
|
- value: "eap-tls"
|
|
description: "eap-tls"
|
|
- value: "eap-ttls"
|
|
description: "eap-ttls"
|
|
- variable: RADIUS_HOSTNAME
|
|
label: "Radius Hostname (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: RADIUS_AUTH_PORT
|
|
label: "Radius Auth Port (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: RADIUS_KEY_FILE
|
|
label: "Radius Key File (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: RADIUS_KEY_TYPE
|
|
label: "Radius Key Type"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: "Default"
|
|
- value: "pem"
|
|
description: "pem"
|
|
- value: "jceks"
|
|
description: "jceks"
|
|
- value: "jks"
|
|
description: "jks"
|
|
- value: "pkcs12"
|
|
description: "pkcs12"
|
|
- variable: RADIUS_KEY_PASSWORD
|
|
label: "Radius Key Password (Leave blank if no password)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: RADIUS_CA_FILE
|
|
label: "Radius CA File (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: RADIUS_CA_TYPE
|
|
label: "Radius CA Type"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: "Default"
|
|
- value: "pem"
|
|
description: "pem"
|
|
- value: "jceks"
|
|
description: "jceks"
|
|
- value: "jks"
|
|
description: "jks"
|
|
- value: "pkcs12"
|
|
description: "pkcs12"
|
|
- variable: RADIUS_CA_PASSWORD
|
|
label: "Radius CA Password (Leave blank if no password)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: RADIUS_TRUST_ALL
|
|
label: "Radius Trust All"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: RADIUS_RETRIES
|
|
label: "Radius Retries (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: RADIUS_TIMEOUT
|
|
label: "Radius Timeout (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: RADIUS_EAP_TTLS_INNER_PROTOCOL
|
|
label: "Radius eap-ttls Inner Protocol"
|
|
description: "Only has effect when RADIUS_AUTH_PROTOCOL is set to eap-ttls"
|
|
schema:
|
|
type: string
|
|
default: "eap-tls"
|
|
enum:
|
|
- value: "pap"
|
|
description: "pap"
|
|
- value: "chap"
|
|
description: "chap"
|
|
- value: "mschapv1"
|
|
description: "mschapv1"
|
|
- value: "mschapv2"
|
|
description: "mschapv2"
|
|
- value: "eap-md5"
|
|
description: "eap-md5"
|
|
- value: "eap-tls"
|
|
description: "eap-tls"
|
|
- variable: ldap
|
|
group: "App Configuration"
|
|
label: "LDAP Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: ldap_enabled
|
|
label: "Enable LDAP"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: LDAP_HOSTNAME
|
|
label: "LDAP Hostname (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: LDAP_USER_BASE_DN
|
|
label: "LDAP User Base DN"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: LDAP_PORT
|
|
label: "LDAP Port (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_ENCRYPTION_METHOD
|
|
label: "LDAP Encryption Method (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: "Default"
|
|
- value: "none"
|
|
description: "none"
|
|
- value: "ssl"
|
|
description: "ssl"
|
|
- value: "starttls"
|
|
description: "starttls"
|
|
- variable: LDAP_MAX_SEARCH_RESULTS
|
|
label: "LDAP Max Search Results (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_SEARCH_BIND_DN
|
|
label: "LDAP Search Bind DN (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_USER_ATTRIBUTES
|
|
label: "LDAP User Attributes"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_SEARCH_BIND_PASSWORD
|
|
label: "LDAP Search Bind Password (Leave blank if no password)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_USERNAME_ATTRIBUTE
|
|
label: "LDAP Username Attribute"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_MEMBER_ATTRIBUTE
|
|
label: "LDAP Member Attribute"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_USER_SEARCH_FILTER
|
|
label: "LDAP User Search Filter (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_CONFIG_BASE_DN
|
|
label: "LDAP Config Base DN"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_GROUP_BASE_DN
|
|
label: "LDAP Group Base DN"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_GROUP_SEARCH_FILTER
|
|
label: "LDAP Group Search Filter (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_MEMBER_ATTRIBUTE_TYPE
|
|
label: "LDAP Encryption Method"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: "Default"
|
|
- value: "dn"
|
|
description: "dn"
|
|
- value: "uid"
|
|
description: "uid"
|
|
- variable: LDAP_GROUP_NAME_ATTRIBUTE
|
|
label: "LDAP Group Name Attribute (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_DEREFERENCE_ALIASES
|
|
label: "LDAP Dereference Aliases"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: "Default"
|
|
- value: "never"
|
|
description: "never"
|
|
- value: "searching"
|
|
description: "searching"
|
|
- value: "finding"
|
|
description: "finding"
|
|
- value: "always"
|
|
description: "always"
|
|
- variable: LDAP_FOLLOW_REFERRALS
|
|
label: "LDAP Follow Referrals"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: LDAP_MAX_REFERRAL_HOPS
|
|
label: "LDAP Max Referrals Hops (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_OPERATION_TIMEOUT
|
|
label: "LDAP Operation Timeout (Leave blank for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: saml
|
|
group: "App Configuration"
|
|
label: "SAML Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: saml_enabled
|
|
label: "Enable SAML"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: SAML_IDP_METADATA_URL
|
|
label: "SAML IDP Metadata URL"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: SAML_IDP_URL
|
|
label: "SAML IDP URL"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: SAML_ENTITY_ID
|
|
label: "SAML Entity ID"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: SAML_CALLBACK_URL
|
|
label: "SAML Callback URL"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: SAML_STRICT
|
|
label: "SAML Strict"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: SAML_DEBUG
|
|
label: "SAML Debug"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: SAML_COMPRESS_REQUEST
|
|
label: "SAML Compress Request"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: SAML_COMPRESS_RESPONSE
|
|
label: "SAML Compress Response"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: SAML_GROUP_ATTRIBUTE
|
|
label: "SAML Group Attribute (Leave empty for default)"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
|
|
- variable: service
|
|
group: "Networking and Services"
|
|
label: "Configure Service(s)"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: main
|
|
label: "Main Service"
|
|
description: "The Primary service on which the healthcheck runs, often the webUI"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelector}
|
|
- variable: main
|
|
label: "Main Service Port Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Port"
|
|
description: "This port exposes the container port on the service"
|
|
schema:
|
|
type: int
|
|
default: 9998
|
|
required: true
|
|
- variable: advanced
|
|
label: "Show Advanced settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: enabled
|
|
label: "Enable the port"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: protocol
|
|
label: "Port Type"
|
|
schema:
|
|
type: string
|
|
default: "HTTP"
|
|
enum:
|
|
- value: HTTP
|
|
description: "HTTP"
|
|
- value: "HTTPS"
|
|
description: "HTTPS"
|
|
- value: TCP
|
|
description: "TCP"
|
|
- value: "UDP"
|
|
description: "UDP"
|
|
- variable: nodePort
|
|
label: "Node Port (Optional)"
|
|
description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer"
|
|
schema:
|
|
type: int
|
|
min: 9000
|
|
max: 65535
|
|
- variable: targetPort
|
|
label: "Target Port"
|
|
description: "The internal(!) port on the container the Application runs on"
|
|
schema:
|
|
type: int
|
|
default: 8080
|
|
|
|
- variable: serviceexpert
|
|
group: "Networking and Services"
|
|
label: "Show Expert Config"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: hostNetwork
|
|
group: "Networking and Services"
|
|
label: "Host-Networking (Complicated)"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
|
|
# Include{serviceExpert}
|
|
|
|
# Include{serviceList}
|
|
|
|
# Include{persistenceList}
|
|
|
|
- variable: ingress
|
|
label: ""
|
|
group: "Ingress"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: main
|
|
label: "Main Ingress"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{ingressDefault}
|
|
|
|
# Include{ingressTLS}
|
|
|
|
# Include{ingressTraefik}
|
|
|
|
# Include{ingressExpert}
|
|
|
|
# Include{ingressList}
|
|
|
|
# Include{security}
|
|
|
|
- variable: advancedSecurity
|
|
label: "Show Advanced Security Settings"
|
|
group: "Security and Permissions"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: securityContext
|
|
label: "Security Context"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: privileged
|
|
label: "Privileged mode"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: readOnlyRootFilesystem
|
|
label: "ReadOnly Root Filesystem"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: allowPrivilegeEscalation
|
|
label: "Allow Privilege Escalation"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: runAsNonRoot
|
|
label: "runAsNonRoot"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
# Include{securityContextAdvanced}
|
|
- variable: podSecurityContext
|
|
group: "Security and Permissions"
|
|
label: "Pod Security Context"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: runAsUser
|
|
label: "runAsUser"
|
|
description: "The UserID of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 1001
|
|
- variable: runAsGroup
|
|
label: "runAsGroup"
|
|
description: "The groupID this App of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 1001
|
|
- variable: fsGroup
|
|
label: "fsGroup"
|
|
description: "The group that should own ALL storage"
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
# Include{podSecurityContextAdvanced}
|
|
|
|
# Include{resources}
|
|
|
|
# Include{advanced}
|
|
|
|
# Include{addons}
|