831 lines
31 KiB
YAML
831 lines
31 KiB
YAML
groups:
|
|
- name: "Container Image"
|
|
description: "Image to be used for container"
|
|
- name: "Workload Configuration"
|
|
description: "Configure workload deployment"
|
|
- name: "Configuration"
|
|
description: "additional container configuration"
|
|
- name: "Networking"
|
|
description: "Configure / service for container"
|
|
- name: "Storage"
|
|
description: "Persist and share data that is separate from the lifecycle of the container"
|
|
- name: "Resources and Devices"
|
|
description: "Specify resources/devices to be allocated to workload"
|
|
- name: "Reverse Proxy Configuration"
|
|
description: "Reverse Proxy configuration"
|
|
- name: "Advanced"
|
|
description: "Advanced Configuration"
|
|
- name: "WARNING"
|
|
description: "WARNING"
|
|
portals:
|
|
web_portal:
|
|
protocols:
|
|
- "https"
|
|
host:
|
|
- "$kubernetes-resource_configmap_portal_host"
|
|
ports:
|
|
- "443"
|
|
questions:
|
|
- variable: portal
|
|
group: "Container Image"
|
|
label: "Configure Portal Button"
|
|
schema:
|
|
type: dict
|
|
hidden: true
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable"
|
|
description: "enable the portal button"
|
|
schema:
|
|
hidden: true
|
|
editable: false
|
|
type: boolean
|
|
default: true
|
|
# Configure Time Zone
|
|
- variable: timezone
|
|
group: "Container Image"
|
|
label: "Timezone"
|
|
schema:
|
|
type: string
|
|
default: "Etc/UTC"
|
|
$ref:
|
|
- "definitions/timezone"
|
|
|
|
- variable: ingress
|
|
label: ""
|
|
group: "Reverse Proxy Configuration"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: main
|
|
label: "WebUI"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable Web Reverse Proxy"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: type
|
|
label: "Reverse Proxy Type"
|
|
schema:
|
|
type: string
|
|
default: "HTTP-IR"
|
|
hidden: true
|
|
editable: false
|
|
required: true
|
|
- variable: serviceName
|
|
label: "Service name to proxy to"
|
|
schema:
|
|
hidden: true
|
|
editable: false
|
|
type: string
|
|
default: "api@internal"
|
|
- variable: serviceKind
|
|
label: "Service Kind to proxy to"
|
|
schema:
|
|
hidden: true
|
|
editable: false
|
|
type: string
|
|
default: "TraefikService"
|
|
- variable: entrypoint
|
|
label: "Select Entrypoint"
|
|
schema:
|
|
type: string
|
|
default: "websecure"
|
|
required: true
|
|
enum:
|
|
- value: "websecure"
|
|
description: "Websecure: HTTPS/TLS port 443"
|
|
- variable: hosts
|
|
label: "Hosts"
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: host
|
|
label: "Host"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: host
|
|
label: "Domain Name"
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- variable: path
|
|
label: "path"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
hidden: true
|
|
default: "/"
|
|
- variable: certType
|
|
label: "Select Certificate Type"
|
|
schema:
|
|
type: string
|
|
default: "selfsigned"
|
|
enum:
|
|
- value: ""
|
|
description: "No Encryption/TLS/Certificates"
|
|
- value: "selfsigned"
|
|
description: "Self-Signed Certificate"
|
|
- value: "ixcert"
|
|
description: "TrueNAS SCALE Certificate"
|
|
- variable: certificate
|
|
label: "Select TrueNAS SCALE Certificate"
|
|
schema:
|
|
type: int
|
|
show_if: [["certType", "=", "ixcert"]]
|
|
$ref:
|
|
- "definitions/certificate"
|
|
- variable: authForwardURL
|
|
label: "Forward Authentication URL"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: traefik
|
|
label: "(Advanced) Traefik Settings"
|
|
group: "Advanced"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: ports
|
|
label: "(Advanced) Traefik Entrypoints"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: traefik
|
|
label: "traefik internal"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Internal Port"
|
|
description: "(advanced) Port inside the container network"
|
|
schema:
|
|
type: int
|
|
required: true
|
|
hidden: true
|
|
default: 9000
|
|
- variable: expose
|
|
label: "Expose to Outside"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: exposedPort
|
|
label: "Outside Port"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: int
|
|
show_if: [["expose", "=", true]]
|
|
default: 9000
|
|
- variable: protocol
|
|
label: "Protocol"
|
|
description: "TCP or UDP reverse proxying?"
|
|
schema:
|
|
type: string
|
|
default: "TCP"
|
|
- variable: web
|
|
label: "web"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Internal Port"
|
|
description: "(advanced) Port inside the container network"
|
|
schema:
|
|
type: int
|
|
required: true
|
|
hidden: true
|
|
default: 8081
|
|
- variable: expose
|
|
label: "Expose to Outside"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: exposedPort
|
|
label: "Outside Port"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: int
|
|
show_if: [["expose", "=", true]]
|
|
required: true
|
|
default: 80
|
|
- variable: protocol
|
|
label: "Protocol"
|
|
description: "TCP or UDP reverse proxying?"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: "TCP"
|
|
hidden: true
|
|
- variable: redirectEnable
|
|
label: "Enable Redirect"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: redirectTo
|
|
label: "Target Entrypoint"
|
|
description: "Select the Target Entrypoint to redirect to"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: "websecure"
|
|
- variable: websecure
|
|
label: "websecure"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Internal Port"
|
|
description: "(advanced) Port inside the container network"
|
|
schema:
|
|
type: int
|
|
required: true
|
|
hidden: true
|
|
default: 8443
|
|
- variable: expose
|
|
label: "Expose to Outside"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: exposedPort
|
|
label: "Outside Port"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: int
|
|
show_if: [["expose", "=", true]]
|
|
required: true
|
|
default: 443
|
|
- variable: protocol
|
|
label: "Protocol"
|
|
description: "TCP or UDP reverse proxying?"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: "TCP"
|
|
hidden: true
|
|
- variable: plex
|
|
label: "plex"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Internal Port"
|
|
description: "(advanced) Port inside the container network"
|
|
schema:
|
|
type: int
|
|
required: true
|
|
hidden: true
|
|
default: 32400
|
|
- variable: expose
|
|
label: "Expose to Outside"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: exposedPort
|
|
label: "Outside Port"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: int
|
|
show_if: [["expose", "=", true]]
|
|
required: false
|
|
default: 32400
|
|
- variable: protocol
|
|
label: "Protocol"
|
|
description: "TCP or UDP reverse proxying?"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: "TCP"
|
|
hidden: true
|
|
- variable: kms
|
|
label: "kms"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Internal Port"
|
|
description: "(advanced) Port inside the container network"
|
|
schema:
|
|
type: int
|
|
required: true
|
|
hidden: true
|
|
default: 51688
|
|
- variable: expose
|
|
label: "Expose to Outside"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: exposedPort
|
|
label: "Outside Port"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: int
|
|
show_if: [["expose", "=", true]]
|
|
required: true
|
|
default: 1688
|
|
- variable: protocol
|
|
label: "Protocol"
|
|
description: "TCP or UDP reverse proxying?"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: "TCP"
|
|
hidden: true
|
|
- variable: dns-tcp
|
|
label: "dns-tcp"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Internal Port"
|
|
description: "(advanced) Port inside the container network"
|
|
schema:
|
|
type: int
|
|
required: true
|
|
hidden: true
|
|
default: 5353
|
|
- variable: expose
|
|
label: "Expose to Outside"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: exposedPort
|
|
label: "Outside Port"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: int
|
|
show_if: [["expose", "=", true]]
|
|
required: true
|
|
default: 53
|
|
- variable: protocol
|
|
label: "Protocol"
|
|
description: "TCP or UDP reverse proxying?"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: "TCP"
|
|
hidden: true
|
|
- variable: dns-udp
|
|
label: "dns-udp"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Internal Port"
|
|
description: "(advanced) Port inside the container network"
|
|
schema:
|
|
type: int
|
|
required: true
|
|
hidden: true
|
|
default: 5353
|
|
- variable: expose
|
|
label: "Expose to Outside"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: exposedPort
|
|
label: "Outside Port"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: int
|
|
show_if: [["expose", "=", true]]
|
|
required: true
|
|
default: 53
|
|
- variable: protocol
|
|
label: "Protocol"
|
|
description: "TCP or UDP reverse proxying?"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: "UDP"
|
|
hidden: true
|
|
- variable: stun-tcp
|
|
label: "stun-tcp"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Internal Port"
|
|
description: "(advanced) Port inside the container network"
|
|
schema:
|
|
type: int
|
|
required: true
|
|
hidden: true
|
|
default: 3478
|
|
- variable: expose
|
|
label: "Expose to Outside"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: exposedPort
|
|
label: "Outside Port"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: int
|
|
show_if: [["expose", "=", true]]
|
|
required: true
|
|
default: 3478
|
|
- variable: protocol
|
|
label: "Protocol"
|
|
description: "TCP or UDP reverse proxying?"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: "TCP"
|
|
hidden: true
|
|
- variable: stun-udp
|
|
label: "stun-udp"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Internal Port"
|
|
description: "(advanced) Port inside the container network"
|
|
schema:
|
|
type: int
|
|
required: true
|
|
hidden: true
|
|
default: 3478
|
|
- variable: expose
|
|
label: "Expose to Outside"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: exposedPort
|
|
label: "Outside Port"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: int
|
|
show_if: [["expose", "=", true]]
|
|
required: true
|
|
default: 3478
|
|
- variable: protocol
|
|
label: "Protocol"
|
|
description: "TCP or UDP reverse proxying?"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: "UDP"
|
|
hidden: true
|
|
- variable: radius
|
|
label: "radius"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Internal Port"
|
|
description: "(advanced) Port inside the container network"
|
|
schema:
|
|
type: int
|
|
required: true
|
|
hidden: true
|
|
default: 51812
|
|
- variable: expose
|
|
label: "Expose to Outside"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: exposedPort
|
|
label: "Outside Port"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: int
|
|
show_if: [["expose", "=", true]]
|
|
required: true
|
|
default: 1812
|
|
- variable: protocol
|
|
label: "Protocol"
|
|
description: "TCP or UDP reverse proxying?"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: "UDP"
|
|
hidden: true
|
|
- variable: radius-acc
|
|
label: "radius-acc"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Internal Port"
|
|
description: "(advanced) Port inside the container network"
|
|
schema:
|
|
type: int
|
|
required: true
|
|
hidden: true
|
|
default: 51813
|
|
- variable: expose
|
|
label: "Expose to Outside"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: exposedPort
|
|
label: "Outside Port"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: int
|
|
show_if: [["expose", "=", true]]
|
|
required: true
|
|
default: 1813
|
|
- variable: protocol
|
|
label: "Protocol"
|
|
description: "TCP or UDP reverse proxying?"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: "UDP"
|
|
hidden: true
|
|
- variable: ldaps
|
|
label: "ldaps"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Internal Port"
|
|
description: "(advanced) Port inside the container network"
|
|
schema:
|
|
type: int
|
|
required: true
|
|
hidden: true
|
|
default: 50636
|
|
- variable: expose
|
|
label: "Expose to Outside"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: exposedPort
|
|
label: "Outside Port"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: int
|
|
show_if: [["expose", "=", true]]
|
|
required: true
|
|
default: 636
|
|
- variable: protocol
|
|
label: "Protocol"
|
|
description: "TCP or UDP reverse proxying?"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
hidden: true
|
|
default: "TCP"
|
|
- variable: unificom
|
|
label: "unificom"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Internal Port"
|
|
description: "(advanced) Port inside the container network"
|
|
schema:
|
|
type: int
|
|
required: true
|
|
hidden: true
|
|
hide: true
|
|
default: 8080
|
|
- variable: expose
|
|
label: "Expose to Outside"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: exposedPort
|
|
label: "Outside Port"
|
|
description: "Port to the outside of all(!) nodes"
|
|
schema:
|
|
type: int
|
|
show_if: [["expose", "=", true]]
|
|
required: true
|
|
default: 8080
|
|
- variable: protocol
|
|
label: "Protocol"
|
|
description: "TCP or UDP reverse proxying?"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: "TCP"
|
|
hidden: true
|
|
- variable: externalServices
|
|
label: "(Advanced) Add External Services"
|
|
group: "Advanced"
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: externalService
|
|
label: "External Service"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable Web Reverse Proxy"
|
|
schema:
|
|
type: boolean
|
|
hidden: true
|
|
editable: false
|
|
default: true
|
|
- variable: type
|
|
label: "Reverse Proxy Type"
|
|
schema:
|
|
type: string
|
|
default: "HTTP"
|
|
hidden: true
|
|
editable: false
|
|
required: true
|
|
- variable: serviceName
|
|
label: "Service name to proxy to"
|
|
schema:
|
|
hidden: true
|
|
editable: false
|
|
type: string
|
|
default: ""
|
|
- variable: serviceTarget
|
|
label: "IP Adress of the external service"
|
|
schema:
|
|
hidden: false
|
|
editable: true
|
|
required: true
|
|
type: string
|
|
default: "192.168.0.0"
|
|
- variable: servicePort
|
|
label: "External Service Port"
|
|
description: "The port on the external service you want to proxy"
|
|
schema:
|
|
hidden: false
|
|
required: true
|
|
editable: true
|
|
type: int
|
|
default: 80
|
|
- variable: serviceType
|
|
label: "Connection Type"
|
|
description: "Connection Type between Traefik and the external service"
|
|
schema:
|
|
hidden: false
|
|
editable: true
|
|
required: true
|
|
default: "HTTP"
|
|
type: string
|
|
enum:
|
|
- value: "HTTP"
|
|
description: "HTTP"
|
|
- value: "HTTPS"
|
|
description: "HTTPS"
|
|
- variable: serviceKind
|
|
label: "Service Kind to proxy to"
|
|
schema:
|
|
hidden: true
|
|
editable: false
|
|
type: string
|
|
default: ""
|
|
- variable: entrypoint
|
|
label: "Select Entrypoint"
|
|
schema:
|
|
type: string
|
|
default: "websecure"
|
|
required: true
|
|
enum:
|
|
- value: "websecure"
|
|
description: "Websecure: HTTPS/TLS port 443"
|
|
- variable: host
|
|
label: "Domain Name"
|
|
required: true
|
|
schema:
|
|
type: string
|
|
- variable: path
|
|
label: "path"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
hidden: false
|
|
default: "/"
|
|
- variable: certType
|
|
label: "Select Certificate Type"
|
|
schema:
|
|
type: string
|
|
default: "selfsigned"
|
|
enum:
|
|
- value: ""
|
|
description: "No Encryption/TLS/Certificates"
|
|
- value: "selfsigned"
|
|
description: "Self-Signed Certificate"
|
|
- value: "ixcert"
|
|
description: "TrueNAS SCALE Certificate"
|
|
- variable: certificate
|
|
label: "Select TrueNAS SCALE Certificate"
|
|
schema:
|
|
type: int
|
|
show_if: [["certType", "=", "ixcert"]]
|
|
$ref:
|
|
- "definitions/certificate"
|
|
- variable: authForwardURL
|
|
label: "Forward Authentication URL"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
|
|
- variable: UMASK
|
|
group: "Advanced"
|
|
label: "UMASK"
|
|
description: "Sets the UMASK env var for LinuxServer.io (compatible) containers"
|
|
schema:
|
|
type: string
|
|
default: "002"
|
|
# Enable privileged
|
|
- variable: securityContext
|
|
group: "Advanced"
|
|
label: "Security Context"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: privileged
|
|
label: "Enable privileged mode for Common-Chart based charts"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
# Set Pod Security Policy
|
|
- variable: podSecurityContext
|
|
group: "Advanced"
|
|
label: "Pod Security Context"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: runAsNonRoot
|
|
label: "runAsNonRoot"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: runAsUser
|
|
label: "runAsUser"
|
|
description: "The UserID of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: runAsGroup
|
|
label: "runAsGroup"
|
|
description: The groupID this App of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: supplementalGroups
|
|
label: "supplementalGroups"
|
|
description: "Additional groups this App needs access to"
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: Group
|
|
label: "Group"
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: fsGroup
|
|
label: "fsGroup"
|
|
description: "The group that should own ALL storage."
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: fsGroupChangePolicy
|
|
label: "When should we take ownership?"
|
|
schema:
|
|
type: string
|
|
default: "OnRootMismatch"
|
|
enum:
|
|
- value: "OnRootMismatch"
|
|
description: "OnRootMismatch"
|
|
- value: "Always"
|
|
description: "Always"
|
|
- variable: warning
|
|
label: "This App binds to the same ports as the defaults for TrueNAS SCALE UI (80 and 443). This means you may not be able to access the TrueNAS SCALE UI after starting the App."
|
|
description: "Please be sure to set the UI to a different port or adapter"
|
|
group: "WARNING"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: confirm-warning
|
|
description: "Check this to confirm you have made precautions against conflicts on port 80 and 443, such as running the TrueNAS SCALE UI on a different port or adapter."
|
|
label: "I understand above warning and its consequences"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
required: true
|