209 lines
8.1 KiB
YAML
209 lines
8.1 KiB
YAML
# Include{groups}
|
|
portals:
|
|
open:
|
|
# Include{portalLink}
|
|
questions:
|
|
# Include{global}
|
|
- variable: imageSelector
|
|
group: "Container Image"
|
|
label: "Select Image"
|
|
schema:
|
|
type: string
|
|
default: "image"
|
|
enum:
|
|
- value: "image"
|
|
description: "CPU"
|
|
- value: "imageGPU"
|
|
description: "GPU"
|
|
- value: "imageMinimal"
|
|
description: "Minimal"
|
|
- value: "imageLight"
|
|
description: "Light"
|
|
- value: "imageSpark"
|
|
description: "Spark"
|
|
- value: "imageR"
|
|
description: "R"
|
|
# Include{controller}
|
|
# Include{controllerDeployment}
|
|
# Include{replicas}
|
|
# Include{replica1}
|
|
# Include{strategy}
|
|
# Include{recreate}
|
|
# Include{controllerExpert}
|
|
# Include{controllerExpertExtraArgs}
|
|
- variable: secretEnv
|
|
group: "Container Configuration"
|
|
label: "Image Secrets"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: WORKSPACE_AUTH_USER
|
|
label: "WORKSPACE_AUTH_USER"
|
|
description: "Basic auth user name. To enable basic auth, both the user and password need to be set. We recommend to use the AUTHENTICATE_VIA_JUPYTER for securing the workspace"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: WORKSPACE_AUTH_PASSWORD
|
|
label: "WORKSPACE_AUTH_PASSWORD"
|
|
description: "Basic auth user password. To enable basic auth, both the user and password need to be set. We recommend to use the AUTHENTICATE_VIA_JUPYTER for securing the workspace."
|
|
schema:
|
|
type: string
|
|
private: true
|
|
default: ""
|
|
- variable: AUTHENTICATE_VIA_JUPYTER
|
|
label: "AUTHENTICATE_VIA_JUPYTER"
|
|
description: "If true, all HTTP requests will be authenticated against the Jupyter server, meaning that the authentication method configured with Jupyter will be used for all other tools as well. This can be deactivated with false. Any other value will activate this authentication and are applied as token via NotebookApp.token configuration of Jupyter."
|
|
schema:
|
|
type: string
|
|
private: true
|
|
default: "false"
|
|
- variable: env
|
|
group: "Container Configuration"
|
|
label: "Image Environment"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: CONFIG_BACKUP_ENABLED
|
|
label: "CONFIG_BACKUP_ENABLED"
|
|
description: "Automatically backup and restore user configuration to the persisted /workspace folder, such as the .ssh, .jupyter, or .gitconfig from the users home directory."
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: SHARED_LINKS_ENABLED
|
|
label: "SHARED_LINKS_ENABLED"
|
|
description: "Enable or disable the capability to share resources via external links. This is used to enable file sharing, access to workspace-internal ports, and easy command-based SSH setup. All shared links are protected via a token. However, there are certain risks since the token cannot be easily invalidated after sharing and does not expire."
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: INCLUDE_TUTORIALS
|
|
label: "INCLUDE_TUTORIALS"
|
|
description: "If true, a selection of tutorial and introduction notebooks are added to the /workspace folder at container startup, but only if the folder is empty."
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: MAX_NUM_THREADS
|
|
label: "MAX_NUM_THREADS"
|
|
description: "The number of threads used for computations when using various common libraries (MKL, OPENBLAS, OMP, NUMBA, ...). You can also use auto to let the workspace dynamically determine the number of threads based on available CPU resources. This configuration can be overwritten by the user from within the workspace. Generally, it is good to set it at or below the number of CPUs available to the workspace."
|
|
schema:
|
|
type: string
|
|
default: "auto"
|
|
- variable: SHUTDOWN_INACTIVE_KERNELS
|
|
label: "SHUTDOWN_INACTIVE_KERNELS"
|
|
description: "Automatically shutdown inactive kernels after a given timeout (to clean up memory or GPU resources). Value can be either a timeout in seconds or set to true with a default value of 48h."
|
|
schema:
|
|
type: string
|
|
default: "false"
|
|
- variable: NOTEBOOK_ARGS
|
|
label: "NOTEBOOK_ARGS"
|
|
description: "Add and overwrite Jupyter configuration options via command line args."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
# Include{containerConfig}
|
|
# Include{serviceRoot}
|
|
- variable: main
|
|
label: "Main Service"
|
|
description: "The Primary service on which the healthcheck runs, often the webUI"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelectorSimple}
|
|
# Include{serviceSelectorExtras}
|
|
- variable: main
|
|
label: "Main Service Port Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Port"
|
|
description: "This port exposes the container port on the service"
|
|
schema:
|
|
type: int
|
|
default: 10201
|
|
required: true
|
|
# Include{advancedPortHTTP}
|
|
- variable: targetPort
|
|
label: "Target Port"
|
|
description: "The internal(!) port on the container the Application runs on"
|
|
schema:
|
|
type: int
|
|
default: 10201
|
|
# Include{serviceExpertRoot}
|
|
default: false
|
|
# Include{serviceExpert}
|
|
# Include{serviceList}
|
|
# Include{persistenceRoot}
|
|
- variable: workspace
|
|
label: "App Workspace Storage"
|
|
description: "Stores the Application Workspace."
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{persistenceBasic}
|
|
# Include{persistenceAdvanced}
|
|
# Include{persistenceList}
|
|
# Include{ingressRoot}
|
|
- variable: main
|
|
label: "Main Ingress"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{ingressDefault}
|
|
# Include{ingressTLS}
|
|
# Include{ingressTraefik}
|
|
# Include{ingressExpert}
|
|
# Include{ingressList}
|
|
# Include{security}
|
|
# Include{securityContextAdvancedRoot}
|
|
- variable: privileged
|
|
label: "Privileged mode"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: readOnlyRootFilesystem
|
|
label: "ReadOnly Root Filesystem"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: allowPrivilegeEscalation
|
|
label: "Allow Privilege Escalation"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: runAsNonRoot
|
|
label: "runAsNonRoot"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
# Include{securityContextAdvanced}
|
|
# Include{podSecurityContextRoot}
|
|
- variable: runAsUser
|
|
label: "runAsUser"
|
|
description: "The UserID of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 0
|
|
- variable: runAsGroup
|
|
label: "runAsGroup"
|
|
description: "The groupID this App of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 0
|
|
- variable: fsGroup
|
|
label: "fsGroup"
|
|
description: "The group that should own ALL storage."
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
# Include{podSecurityContextAdvanced}
|
|
# Include{resources}
|
|
# Include{advanced}
|
|
# Include{addons}
|
|
# Include{documentation}
|