TrueChartsClone/charts/stable/hedgedoc/questions.yaml

942 lines
36 KiB
YAML

# Include{groups}
portals:
open:
# Include{portalLink}
questions:
# Include{global}
# Include{controller}
# Include{controllerDeployment}
# Include{replicas}
# Include{replica1}
# Include{strategy}
# Include{recreate}
# Include{controllerExpert}
# Include{controllerExpertExtraArgs}
- variable: env
group: "Container Configuration"
label: "Image Environment"
schema:
additional_attrs: true
type: dict
attrs:
- variable: generalsettings
label: "General Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_FORBIDDEN_NOTE_IDS
label: "CMD_FORBIDDEN_NOTE_IDS"
description: "disallow creation of notes, even if allowFreeUrl or CMD_ALLOW_FREEURL is true"
schema:
type: string
default: "robots.txt, favicon.ico, api, build, css, docs, fonts, js, uploads, vendor, views"
- variable: CMD_IMAGE_UPLOAD_TYPE
label: "CMD_IMAGE_UPLOAD_TYPE"
description: "Where to upload images."
schema:
type: string
default: "filesystem"
enum:
- value: "filesystem"
description: "filesystem"
- value: "imgur"
description: "imgur"
- value: "s3"
description: "s3"
- value: "minio"
description: "minio"
- value: "azure"
description: "azure"
- value: "lutim"
description: "lutim"
- variable: CMD_SOURCE_URL
label: "CMD_SOURCE_URL"
description: "Provides the link to the source code of HedgeDoc on the entry page"
schema:
type: string
default: ""
- variable: CMD_TOOBUSY_LAG
label: "CMD_TOOBUSY_LAG"
description: "CPU time for one event loop tick until node throttles connections. (milliseconds)"
schema:
type: int
default: 70
- variable: CMD_ALLOW_GRAVATAR
label: "CMD_ALLOW_GRAVATAR"
description: "Set to false to disable Libravatar as profile picture source on your instance."
schema:
type: boolean
default: true
- variable: httpsettings
label: "HTTP Settings"
schema:
type: boolean
default: true
show_subquestions_if: true
subquestions:
- variable: CMD_DOMAIN
label: "CMD_DOMAIN"
description: "Domain name (eg. hedgedoc.org)"
schema:
type: string
default: ""
- variable: CMD_PROTOCOL_USESSL
label: "CMD_PROTOCOL_USESSL"
description: "Set to use SSL protocol for resources path (only applied when domain is set)"
schema:
type: boolean
default: false
- variable: CMD_URL_ADDPORT
label: "CMD_URL_ADDPORT"
description: "Set to add port on callback URL (ports 80 or 443 won't be applied) (only applied when domain is set)"
schema:
type: boolean
default: false
- variable: CMD_ALLOW_ORIGIN
label: "CMD_ALLOW_ORIGIN"
description: "Domain name whitelist (use comma to separate)"
schema:
type: string
default: "localhost"
- variable: websecsettings
label: "Web Security Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_HSTS_ENABLE
label: "CMD_HSTS_ENABLE"
description: "Set to enable HSTS if HTTPS is also enabled"
schema:
type: boolean
default: true
- variable: CMD_HSTS_INCLUDE_SUBDOMAINS
label: "CMD_HSTS_INCLUDE_SUBDOMAINS"
description: "Set to include subdomains in HSTS"
schema:
type: boolean
default: true
- variable: CMD_HSTS_MAX_AGE
label: "CMD_HSTS_MAX_AGE"
description: "Max duration in seconds to tell clients to keep HSTS status"
schema:
type: int
default: 31536000
- variable: CMD_HSTS_PRELOAD
label: "CMD_HSTS_PRELOAD"
description: "Whether to allow preloading of the site's HSTS status"
schema:
type: boolean
default: true
- variable: CMD_CSP_ENABLE
label: "CMD_CSP_ENABLE"
description: "Whether to apply a Content-Security-Policy header to responses"
schema:
type: boolean
default: true
- variable: CMD_CSP_ADD_DISQUS
label: "CMD_CSP_ADD_DISQUS"
description: "Enable to allow users to add Disqus comments to their notes or presentations."
schema:
type: boolean
default: false
- variable: CMD_CSP_ADD_GOOGLE_ANALYTICS
label: "CMD_CSP_ADD_GOOGLE_ANALYTICS"
description: "Enable to allow users to add Google Analytics to their notes."
schema:
type: boolean
default: false
- variable: CMD_CSP_REPORTURI
label: "CMD_CSP_REPORTURI"
description: "Allows to add a URL for CSP reports in case of violations."
schema:
type: string
default: ""
- variable: CMD_CSP_ALLOW_FRAMING
label: "CMD_CSP_ALLOW_FRAMING"
description: "Disable to disallow embedding of the instance via iframe."
schema:
type: boolean
default: true
- variable: CMD_CSP_ALLOW_PDF_EMBED
label: "CMD_CSP_ALLOW_PDF_EMBED"
description: "Disable to disallow embedding PDFs."
schema:
type: boolean
default: true
- variable: CMD_COOKIE_POLICY
label: "CMD_COOKIE_POLICY"
description: "Set a SameSite policy whether cookies are send from cross-origin"
schema:
type: string
default: "lax"
enum:
- value: "lax"
description: "lax"
- value: "strict"
description: "strict"
- value: "none"
description: "none"
- variable: userprivillegesettings
label: "Users and Privileges Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_ALLOW_ANONYMOUS
label: "CMD_ALLOW_ANONYMOUS"
description: "Set to allow anonymous usage"
schema:
type: boolean
default: false
- variable: CMD_ALLOW_ANONYMOUS_EDITS
label: "CMD_ALLOW_ANONYMOUS_EDITS"
description: "If allowAnonymous is false: allow users to select freely permission, allowing guests to edit existing notes"
schema:
type: boolean
default: false
- variable: CMD_ALLOW_FREEURL
label: "CMD_ALLOW_FREEURL"
description: "Set to allow new note creation by accessing a nonexistent note URL"
schema:
type: boolean
default: false
- variable: CMD_REQUIRE_FREEURL_AUTHENTICATION
label: "CMD_REQUIRE_FREEURL_AUTHENTICATION"
description: "Set to require authentication for FreeURL mode style note creation"
schema:
type: boolean
default: true
- variable: CMD_DEFAULT_PERMISSION
label: "CMD_DEFAULT_PERMISSION"
description: "Set notes default permission (only applied on signed-in users)"
schema:
type: string
default: "editable"
enum:
- value: "editable"
description: "editable"
- value: "freely"
description: "freely"
- value: "limited"
description: "limited"
- value: "locked"
description: "locked"
- value: "protected"
description: "protected"
- value: "private"
description: "private"
- variable: CMD_SESSION_LIFE
label: "CMD_SESSION_LIFE"
description: "Cookie session life time in milliseconds."
schema:
type: int
default: 1209600000
- variable: loginsettings
label: "Login Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_EMAIL
label: "CMD_EMAIL"
description: "Set to allow email sign-in"
schema:
type: boolean
default: true
- variable: CMD_ALLOW_EMAIL_REGISTER
label: "CMD_ALLOW_EMAIL_REGISTER"
description: "Set to allow registration of new accounts using an email address."
schema:
type: boolean
default: true
- variable: dropboxsettings
label: "Dropbox Login Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_DROPBOX_CLIENTID
label: "CMD_DROPBOX_CLIENTID"
description: "Dropbox API client id"
schema:
type: string
private: true
default: ""
- variable: CMD_DROPBOX_CLIENTSECRET
label: "CMD_DROPBOX_CLIENTSECRET"
description: "Dropbox API client secret"
schema:
type: string
private: true
default: ""
- variable: facebooksettings
label: "Facebook Login Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_FACEBOOK_CLIENTID
label: "CMD_FACEBOOK_CLIENTID"
description: "Facebook API client id"
schema:
type: string
private: true
default: ""
- variable: CMD_FACEBOOK_CLIENTSECRET
label: "CMD_FACEBOOK_CLIENTSECRET"
description: "Facebook API client secret"
schema:
type: string
private: true
default: ""
- variable: githubsettings
label: "Github Login Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_GITHUB_CLIENTID
label: "CMD_GITHUB_CLIENTID"
description: "Github API client id"
schema:
type: string
private: true
default: ""
- variable: CMD_GITHUB_CLIENTSECRET
label: "CMD_GITHUB_CLIENTSECRET"
description: "Github API client secret"
schema:
type: string
private: true
default: ""
- variable: gitlabsettings
label: "GitLab Login Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_GITLAB_SCOPE
label: "CMD_GITLAB_SCOPE"
description: "GitLab API requested scope"
schema:
type: string
default: "api"
enum:
- value: "api"
description: "api"
- value: "read_user"
description: "read_user"
- variable: CMD_GITLAB_BASEURL
label: "CMD_GITLAB_BASEURL"
description: "GitLab authentication endpoint"
schema:
type: string
default: ""
- variable: CMD_GITLAB_CLIENTID
label: "CMD_GITLAB_CLIENTID"
description: "GitLab API client id"
schema:
type: string
private: true
default: ""
- variable: CMD_GITLAB_CLIENTSECRET
label: "CMD_GITLAB_CLIENTSECRET"
description: "GitLab API client secret"
schema:
type: string
private: true
default: ""
- variable: CMD_GITLAB_VERSION
label: "CMD_GITLAB_VERSION"
description: "GitLab API version"
schema:
type: string
default: "v4"
enum:
- value: "v4"
description: "v4"
- value: "v3"
description: "v3"
- variable: googlesettings
label: "Google Login Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_GOOGLE_CLIENTID
label: "CMD_GOOGLE_CLIENTID"
description: "Google API client id"
schema:
type: string
private: true
default: ""
- variable: CMD_GOOGLE_CLIENTSECRET
label: "CMD_GOOGLE_CLIENTSECRET"
description: "Google API client secret"
schema:
type: string
private: true
default: ""
- variable: CMD_GOOGLE_HOSTEDDOMAIN
label: "CMD_GOOGLE_HOSTEDDOMAIN"
description: "Provided only if the user belongs to a hosted domain"
schema:
type: string
default: ""
- variable: twittersettings
label: "Twitter Login Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_TWITTER_CONSUMERKEY
label: "CMD_TWITTER_CONSUMERKEY"
description: "Twitter API consumer key"
schema:
type: string
private: true
default: ""
- variable: CMD_TWITTER_CONSUMERSECRET
label: "CMD_TWITTER_CONSUMERSECRET"
description: "Twitter API consumer secret"
schema:
type: string
private: true
default: ""
- variable: mattermostsettings
label: "Mattermost Login Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_MATTERMOST_BASEURL
label: "CMD_MATTERMOST_BASEURL"
description: "Mattermost authentication endpoint for versions below 5.0"
schema:
type: string
default: ""
- variable: CMD_MATTERMOST_CLIENTID
label: "CMD_MATTERMOST_CLIENTID"
description: "Mattermost API client id"
schema:
type: string
private: true
default: ""
- variable: CMD_MATTERMOST_CLIENTSECRET
label: "CMD_MATTERMOST_CLIENTSECRET"
description: "Mattermost API client secret"
schema:
type: string
private: true
default: ""
- variable: oauthsettings
label: "OAuth2 Login Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_OAUTH2_USER_PROFILE_URL
label: "CMD_OAUTH2_USER_PROFILE_URL"
description: "Where to retrieve information about a user after successful login"
schema:
type: string
default: ""
- variable: CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR
label: "CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR"
description: "Where to find the username in the JSON from the user profile URL"
schema:
type: string
default: ""
- variable: CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR
label: "CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR"
description: "Where to find the display-name in the JSON from the user profile URL"
schema:
type: string
default: ""
- variable: CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR
label: "CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR"
description: "Where to find the email address in the JSON from the user profile URL"
schema:
type: string
default: ""
- variable: CMD_OAUTH2_USER_PROFILE_ID_ATTR
label: "CMD_OAUTH2_USER_PROFILE_ID_ATTR"
description: "Where to find the dedicated user ID (optional, overrides CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR)"
schema:
type: string
default: ""
- variable: CMD_OAUTH2_TOKEN_URL
label: "CMD_OAUTH2_TOKEN_URL"
description: "Sometimes called token endpoint, please refer to the documentation of your OAuth2 provider"
schema:
type: string
default: ""
- variable: CMD_OAUTH2_AUTHORIZATION_URL
label: "CMD_OAUTH2_AUTHORIZATION_URL"
description: "Authorization URL of your provider, please refer to the documentation of your OAuth2 provider"
schema:
type: string
default: ""
- variable: CMD_OAUTH2_CLIENT_ID
label: "CMD_OAUTH2_CLIENT_ID"
description: "You will get this from your OAuth2 provider when you register HedgeDoc as OAuth2-client"
schema:
type: string
private: true
default: ""
- variable: CMD_OAUTH2_CLIENT_SECRET
label: "CMD_OAUTH2_CLIENT_SECRET"
description: "You will get this from your OAuth2 provider when you register HedgeDoc as OAuth2-client"
schema:
type: string
default: ""
- variable: CMD_OAUTH2_PROVIDERNAME
label: "CMD_OAUTH2_PROVIDERNAME"
description: "Optional name to be displayed at login form indicating the oAuth2 provider"
schema:
type: string
default: ""
- variable: CMD_OAUTH2_SCOPE
label: "CMD_OAUTH2_SCOPE"
description: "Scope to request for OIDC (OpenID Connect) providers"
schema:
type: string
default: ""
- variable: CMD_OAUTH2_ROLES_CLAIM
label: "CMD_OAUTH2_ROLES_CLAIM"
description: "ID token claim, which is supposed to provide an array of strings of roles"
schema:
type: string
default: ""
- variable: CMD_OAUTH2_ACCESS_ROLE
label: "CMD_OAUTH2_ACCESS_ROLE"
description: "The role which should be included in the ID token roles claim to grant access"
schema:
type: string
default: ""
- variable: ldapsettings
label: "LDAP Login Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_LDAP_URL
label: "CMD_LDAP_URL"
description: "URL of LDAP server"
schema:
type: string
default: ""
- variable: CMD_LDAP_BINDDN
label: "CMD_LDAP_BINDDN"
description: "bindDn for LDAP access"
schema:
type: string
default: ""
- variable: CMD_LDAP_BINDCREDENTIALS
label: "CMD_LDAP_BINDCREDENTIALS"
description: "bindCredentials for LDAP access"
schema:
type: string
default: ""
- variable: CMD_LDAP_SEARCHBASE
label: "CMD_LDAP_SEARCHBASE"
description: "LDAP directory to begin search from"
schema:
type: string
default: ""
- variable: CMD_LDAP_SEARCHFILTER
label: "CMD_LDAP_SEARCHFILTER"
description: "LDAP filter to search with"
schema:
type: string
default: ""
- variable: CMD_LDAP_SEARCHATTRIBUTES
label: "CMD_LDAP_SEARCHATTRIBUTES"
description: "LDAP attributes to search with (use comma to separate)"
schema:
type: string
default: ""
- variable: CMD_LDAP_USERIDFIELD
label: "CMD_LDAP_USERIDFIELD"
description: "The LDAP field which is used uniquely identify a user on HedgeDoc"
schema:
type: string
default: ""
- variable: CMD_LDAP_USERNAMEFIELD
label: "CMD_LDAP_USERNAMEFIELD"
description: "The LDAP field which is used as the username on HedgeDoc"
schema:
type: string
default: ""
- variable: CMD_LDAP_TLS_CA
label: "CMD_LDAP_TLS_CA"
description: "Root CA for LDAP TLS in PEM format (use comma to separate)"
schema:
type: string
default: ""
- variable: CMD_LDAP_PROVIDERNAME
label: "CMD_LDAP_PROVIDERNAME"
description: "CMD_LDAP_PROVIDERNAME"
schema:
type: string
default: ""
- variable: samlsettings
label: "SAML Login Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_SAML_IDPSSOURL
label: "CMD_SAML_IDPSSOURL"
description: "Authentication endpoint of IdP. for details"
schema:
type: string
default: ""
- variable: CMD_SAML_IDPCERT
label: "CMD_SAML_IDPCERT"
description: "Certificate file path of IdP in PEM format"
schema:
type: string
default: ""
- variable: CMD_SAML_CLIENTCERT
label: "CMD_SAML_CLIENTCERT"
description: "Certificate file path for the client in PEM format"
schema:
type: string
default: ""
- variable: CMD_SAML_ISSUER
label: "CMD_SAML_ISSUER"
description: "Issuer to supply to identity provider"
schema:
type: string
default: ""
- variable: CMD_SAML_DISABLEREQUESTEDAUTHNCONTEXT
label: "CMD_SAML_DISABLEREQUESTEDAUTHNCONTEXT"
description: "True to allow any authentication method, false restricts to password authentication"
schema:
type: boolean
default: false
- variable: CMD_SAML_IDENTIFIERFORMAT
label: "CMD_SAML_IDENTIFIERFORMAT"
description: "Name identifier format"
schema:
type: string
default: "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
- variable: CMD_SAML_GROUPATTRIBUTE
label: "CMD_SAML_GROUPATTRIBUTE"
description: "Attribute name for group list"
schema:
type: string
default: ""
- variable: CMD_SAML_REQUIREDGROUPS
label: "CMD_SAML_REQUIREDGROUPS"
description: "Group names that allowed (use vertical bar to separate)"
schema:
type: string
default: ""
- variable: CMD_SAML_EXTERNALGROUPS
label: "CMD_SAML_EXTERNALGROUPS"
description: "Group names that not allowed (use vertical bar to separate) "
schema:
type: string
default: ""
- variable: CMD_SAML_ATTRIBUTE_ID
label: "CMD_SAML_ATTRIBUTE_ID"
description: "Attribute map for id"
schema:
type: string
default: ""
- variable: CMD_SAML_ATTRIBUTE_USERNAME
label: "CMD_SAML_ATTRIBUTE_USERNAME"
description: "Attribute map for username"
schema:
type: string
default: ""
- variable: CMD_SAML_ATTRIBUTE_EMAIL
label: "CMD_SAML_ATTRIBUTE_EMAIL"
description: "Attribute map for email"
schema:
type: string
default: ""
- variable: CMD_SAML_PROVIDERNAME
label: "CMD_SAML_PROVIDERNAME"
description: "Optional name to be displayed at login form indicating the SAML provider"
schema:
type: string
default: ""
- variable: amazonsettings
label: "Amazon S3 Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_S3_ACCESS_KEY_ID
label: "CMD_S3_ACCESS_KEY_ID"
description: "AWS access key id"
schema:
type: string
private: true
default: ""
- variable: CMD_S3_SECRET_ACCESS_KEY
label: "CMD_S3_SECRET_ACCESS_KEY"
description: "AWS secret key"
schema:
type: string
private: true
default: ""
- variable: CMD_S3_REGION
label: "CMD_S3_REGION"
description: "AWS S3 region"
schema:
type: string
default: ""
- variable: CMD_S3_BUCKET
label: "CMD_S3_BUCKET"
description: "AWS S3 bucket name"
schema:
type: string
default: ""
- variable: CMD_S3_ENDPOINT
label: "CMD_S3_ENDPOINT "
description: "S3 API endpoint if you don't use AWS name"
schema:
type: string
default: ""
- variable: azuresettings
label: "Azure Blob Storage Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_AZURE_CONNECTION_STRING
label: "CMD_AZURE_CONNECTION_STRING"
description: "Azure Blob Storage connection string"
schema:
type: string
default: ""
- variable: CMD_AZURE_CONTAINER
label: "CMD_AZURE_CONTAINER"
description: "Azure Blob Storage container name (automatically created if non existent)"
schema:
type: string
default: ""
- variable: miniosettings
label: "Minio Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_MINIO_ACCESS_KEY
label: "CMD_MINIO_ACCESS_KEY"
description: "Minio access key"
schema:
type: string
private: true
default: ""
- variable: CMD_MINIO_SECRET_KEY
label: "CMD_MINIO_SECRET_KEY"
description: "Minio secret key"
schema:
type: string
private: true
default: ""
- variable: CMD_MINIO_ENDPOINT
label: "CMD_MINIO_ENDPOINT"
description: "Address of your Minio endpoint/instance"
schema:
type: string
default: ""
- variable: CMD_MINIO_PORT
label: "CMD_MINIO_ACCESS_KEY"
description: "Port that is used for your Minio instance"
schema:
type: string
default: ""
- variable: CMD_MINIO_SECURE
label: "CMD_MINIO_SECURE"
description: "If set to true HTTPS is used for Minio"
schema:
type: boolean
default: true
- variable: imgursettings
label: "Imgur Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_IMGUR_CLIENTID
label: "CMD_IMGUR_CLIENTID"
description: "Imgur API client id"
schema:
type: string
private: true
default: ""
- variable: lutimsettings
label: "Lutim Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: CMD_LUTIM_URL
label: "CMD_LUTIM_URL"
description: "When CMD_IMAGE_UPLOAD_TYPE is set to lutim, you can setup the lutim url"
schema:
type: string
default: ""
- variable: logsettings
label: "Logs Settings"
schema:
type: boolean
default: false
show_subquestions_if: true
subquestions:
- variable: DEBUG
label: "DEBUG"
description: "Set debug mode, show more logs"
schema:
type: boolean
default: false
- variable: CMD_LOGLEVEL
label: "CMD_LOGLEVEL"
description: "Defines what kind of logs are provided to stdout."
schema:
type: string
default: "info"
enum:
- value: "info"
description: "info"
- value: "warn"
description: "warn"
- value: "error"
description: "error"
- value: "verbose"
description: "verbose"
- value: "debug"
description: "debug"
# Include{containerConfig}
# Include{serviceRoot}
- variable: main
label: "Main Service"
description: "The Primary service on which the healthcheck runs, often the webUI"
schema:
additional_attrs: true
type: dict
attrs:
# Include{serviceSelectorLoadBalancer}
# Include{serviceSelectorExtras}
- variable: main
label: "Main Service Port Configuration"
schema:
additional_attrs: true
type: dict
attrs:
- variable: port
label: "Port"
description: "This port exposes the container port on the service"
schema:
type: int
default: 10132
required: true
# Include{advancedPortHTTP}
- variable: targetPort
label: "Target Port"
description: "The internal(!) port on the container the Application runs on"
schema:
type: int
default: 10132
# Include{serviceExpertRoot}
default: false
# Include{serviceExpert}
# Include{serviceList}
# Include{persistenceRoot}
- variable: uploads
label: "App Uploads Storage"
description: "Stores the Application Uploads."
schema:
additional_attrs: true
type: dict
attrs:
# Include{persistenceBasic}
# Include{persistenceAdvanced}
# Include{persistenceList}
# Include{ingressRoot}
- variable: main
label: "Main Ingress"
schema:
additional_attrs: true
type: dict
attrs:
# Include{ingressDefault}
# Include{ingressTLS}
# Include{ingressTraefik}
# Include{ingressExpert}
# Include{ingressList}
# Include{security}
# Include{securityContextAdvancedRoot}
- variable: privileged
label: "Privileged mode"
schema:
type: boolean
default: false
- variable: readOnlyRootFilesystem
label: "ReadOnly Root Filesystem"
schema:
type: boolean
default: true
- variable: allowPrivilegeEscalation
label: "Allow Privilege Escalation"
schema:
type: boolean
default: false
- variable: runAsNonRoot
label: "runAsNonRoot"
schema:
type: boolean
default: true
# Include{securityContextAdvanced}
# Include{podSecurityContextRoot}
- variable: runAsUser
label: "runAsUser"
description: "The UserID of the user running the application"
schema:
type: int
default: 568
- variable: runAsGroup
label: "runAsGroup"
description: "The groupID this App of the user running the application"
schema:
type: int
default: 568
- variable: fsGroup
label: "fsGroup"
description: "The group that should own ALL storage."
schema:
type: int
default: 568
# Include{podSecurityContextAdvanced}
# Include{resources}
# Include{advanced}
# Include{addons}
# Include{documentation}