286 lines
12 KiB
YAML
286 lines
12 KiB
YAML
# Include{groups}
|
|
questions:
|
|
# Include{global}
|
|
- variable: clusterIssuer
|
|
group: App Configuration
|
|
label: Cluster Certificate Issuer
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: ACME
|
|
label: 'ACME Issuer'
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: ACMEEntry
|
|
label: 'ACME Issuer Entry'
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: name
|
|
label: Name
|
|
description: "Name to give the issuer"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
|
|
default: ""
|
|
- variable: type
|
|
label: Type or DNS-Provider
|
|
description: DNS Provider
|
|
schema:
|
|
type: string
|
|
default: cloudflare
|
|
enum:
|
|
- value: cloudflare
|
|
description: Cloudflare
|
|
- value: route53
|
|
description: Route53
|
|
- value: akamai
|
|
description: Akamai
|
|
- value: digitalocean
|
|
description: Digitalocean
|
|
- value: rfc2136
|
|
description: rfc2136 (Advanced)
|
|
- value: HTTP01
|
|
description: HTTP01 (Experimental)
|
|
- variable: server
|
|
label: Server
|
|
description: "Server for ACME, for example: letsencrypt"
|
|
schema:
|
|
type: string
|
|
default: 'Letsencrypt-Production'
|
|
enum:
|
|
- value: 'https://acme-v02.api.letsencrypt.org/directory'
|
|
description: Letsencrypt-Production
|
|
- value: 'https://acme-staging-v02.api.letsencrypt.org/directory'
|
|
description: Letsencrypt-Staging
|
|
- value: 'https://api.buypass.no/acme-v02/directory'
|
|
description: BuyPass-Production
|
|
- value: 'https://api.test4.buypass.no/acme-v02/directory'
|
|
description: BuyPass-Staging
|
|
- value: custom
|
|
description: Custom
|
|
- variable: customServer
|
|
label: Custom ACME Server (Advanced)
|
|
description: "This can be used to enter your own custom ACME server"
|
|
schema:
|
|
type: string
|
|
show_if: [["server", "=", "custom"]]
|
|
default: 'https://acme-staging-v02.api.letsencrypt.org/directory'
|
|
- variable: email
|
|
label: Email
|
|
description: "Email adress to use for certificate issuing must match your DNS provider email when required"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: "something@example.com"
|
|
- variable: cfapikey
|
|
label: CloudFlare API key
|
|
description: "CloudFlare API Key"
|
|
schema:
|
|
show_if: [["type", "=", "cloudflare"]]
|
|
type: string
|
|
default: ""
|
|
- variable: cfapitoken
|
|
label: CloudFlare API Token
|
|
description: "CloudFlare API Token"
|
|
schema:
|
|
show_if: [["type", "=", "cloudflare"]]
|
|
type: string
|
|
default: ""
|
|
- variable: region
|
|
label: Route53 Region
|
|
description: "Route 53 Region"
|
|
schema:
|
|
show_if: [["type", "=", "route53"]]
|
|
type: string
|
|
required: true
|
|
default: "us-west-1"
|
|
- variable: accessKeyID
|
|
label: Route53 accessKeyID
|
|
description: "Route53 accessKeyID"
|
|
schema:
|
|
show_if: [["type", "=", "route53"]]
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: route53SecretAccessKey
|
|
label: Route53 Secret Access Key
|
|
description: "Route53 Secret Access Key"
|
|
schema:
|
|
show_if: [["type", "=", "route53"]]
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: role
|
|
label: Route53 Role (optional)
|
|
description: "Route53 Role"
|
|
schema:
|
|
show_if: [["type", "=", "route53"]]
|
|
type: string
|
|
default: ""
|
|
- variable: serviceConsumerDomain
|
|
label: Akamai Service Consumer Domain
|
|
description: "Akamai Service Consumer Domain"
|
|
schema:
|
|
show_if: [["type", "=", "akamai"]]
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: akclientToken
|
|
label: Akamai Client Token
|
|
description: "Client Token"
|
|
schema:
|
|
show_if: [["type", "=", "akamai"]]
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: akclientSecret
|
|
label: Akamai Client Secret
|
|
description: "Akamai Client Secret"
|
|
schema:
|
|
show_if: [["type", "=", "akamai"]]
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: akaccessToken
|
|
label: Akamai Access Token
|
|
description: "Akamai Access Token"
|
|
schema:
|
|
show_if: [["type", "=", "akamai"]]
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: doaccessToken
|
|
label: Digitalocean Access Token
|
|
description: "Digitalocean Access Token"
|
|
schema:
|
|
show_if: [["type", "=", "digitalocean"]]
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: nameserver
|
|
label: rfc2136 Namesever
|
|
description: "rfc2136 Namesever"
|
|
schema:
|
|
show_if: [["type", "=", "rfc2136"]]
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: tsigKeyName
|
|
label: rfc2136 tsig Key Name
|
|
description: "rfc2136 tsig Key Name"
|
|
schema:
|
|
show_if: [["type", "=", "rfc2136"]]
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: tsigAlgorithm
|
|
label: rfc2136 tsig Algorithm
|
|
description: "rfc2136 tsig Algorithm"
|
|
schema:
|
|
show_if: [["type", "=", "rfc2136"]]
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: rfctsigSecret
|
|
label: rfc2136 sig Secret
|
|
description: "rfc2136 sig Secret"
|
|
schema:
|
|
show_if: [["type", "=", "rfc2136"]]
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
|
|
- variable: CA
|
|
label: Certificate Authority Issuer
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: CAEntry
|
|
label: 'CA Issuer Entry'
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: name
|
|
label: Name
|
|
description: "Name to give the issuer"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
|
|
default: ""
|
|
- variable: selfSigned
|
|
label: selfSigned
|
|
description: "Create Self Signed CA cert"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: selfSignedCommonName
|
|
label: selfSigned CommonName
|
|
description: "Common name for selfSigned Certiticate Authority"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
show_if: [["selfSigned", "=", true]]
|
|
default: "my-selfsigned-ca"
|
|
- variable: crt
|
|
label: "Custom CA cert (experimental)"
|
|
description: "certificate for Certiticate Authority"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
max_length: 10240
|
|
show_if: [["selfSigned", "=", false]]
|
|
default: ""
|
|
- variable: key
|
|
label: "Custom CA key (experimental)"
|
|
description: "key Certiticate Authority"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
max_length: 10240
|
|
show_if: [["selfSigned", "=", false]]
|
|
default: ""
|
|
|
|
- variable: selfSigned
|
|
label: 'SelfSigned Issuer'
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: enabled
|
|
description: "Enable self-signed issuer"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: name
|
|
label: Name
|
|
description: "Name to give the issuer"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
valid_chars: '^[a-z]+(-?[a-z]){0,63}-?[a-z]+$'
|
|
default: "selfsigned"
|
|
|
|
- variable: customMetrics
|
|
group: Metrics
|
|
label: Prometheus Metrics
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: Enabled
|
|
description: Enable Prometheus Metrics
|
|
schema:
|
|
type: boolean
|
|
default: true
|