194 lines
7.2 KiB
YAML
194 lines
7.2 KiB
YAML
# Include{groups}
|
|
portals:
|
|
open:
|
|
# Include{portalLink}
|
|
questions:
|
|
# Include{global}
|
|
# Include{controller}
|
|
# Include{controllerDeployment}
|
|
# Include{replicas}
|
|
# Include{replica1}
|
|
# Include{strategy}
|
|
# Include{recreate}
|
|
# Include{controllerExpert}
|
|
# Include{controllerExpertExtraArgs}
|
|
- variable: env
|
|
group: "Container Configuration"
|
|
label: "Image Environment"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: COMMENTO_ORIGIN
|
|
label: "COMMENTO_ORIGIN"
|
|
description: "This should be set to the subdomain or the IP address hosting Commento. All API requests will go to this server. This may include subdirectories if Commento is hosted behind a reverse proxy, for example. Include the protocol in the value to use HTTP/HTTPS."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: COMMENTO_FORBID_NEW_OWNERS
|
|
label: "COMMENTO_FORBID_NEW_OWNERS"
|
|
description: "Used to disable new dashboard registrations. Useful if you are the only person using Commento on your server. Does not impact the creation of accounts for your readers."
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: COMMENTO_GZIP_STATIC
|
|
label: "COMMENTO_GZIP_STATIC"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: COMMENTO_ENABLE_WILDCARDS
|
|
label: "COMMENTO_ENABLE_WILDCARDS"
|
|
description: "Allows use of wildcards in domain names in the admin dashboard. (e.g. if you share your commento instance with more than one admin/allow new registrations)"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: COMMENTO_ENABLE_LOGGING
|
|
label: "COMMENTO_ENABLE_LOGGING"
|
|
description: "Should we log every page view? This will allow you to see stats but will fill up your free postgres database quite quickly."
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: smpt_config
|
|
label: "Enable SMTP"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: SMTP_SKIP_HOST_VERIFY
|
|
label: "SMTP_SKIP_HOST_VERIFY"
|
|
description: "Allows skipping of host verification for SMTP email sending."
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: COMMENTO_SMTP_USERNAME
|
|
label: "COMMENTO_SMTP_USERNAME"
|
|
description: "SMTP credentials and configuration the server should use to send emails."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: COMMENTO_SMTP_PASSWORD
|
|
label: "COMMENTO_SMTP_PASSWORD"
|
|
description: "SMTP credentials and configuration the server should use to send emails."
|
|
schema:
|
|
type: string
|
|
private: true
|
|
default: ""
|
|
- variable: COMMENTO_SMTP_HOST
|
|
label: "COMMENTO_SMTP_HOST"
|
|
description: "SMTP credentials and configuration the server should use to send emails."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: COMMENTO_SMTP_FROM_ADDRESS
|
|
label: "COMMENTO_SMTP_FROM_ADDRESS"
|
|
description: "SMTP credentials and configuration the server should use to send emails."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: COMMENTO_SMTP_PORT
|
|
label: "COMMENTO_SMTP_PORT"
|
|
description: "SMTP credentials and configuration the server should use to send emails."
|
|
schema:
|
|
type: int
|
|
default: 587
|
|
# Include{containerConfig}
|
|
# Include{serviceRoot}
|
|
- variable: main
|
|
label: "Main Service"
|
|
description: "The Primary service on which the healthcheck runs, often the webUI"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelectorLoadBalancer}
|
|
# Include{serviceSelectorExtras}
|
|
- variable: main
|
|
label: "Main Service Port Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Port"
|
|
description: "This port exposes the container port on the service"
|
|
schema:
|
|
type: int
|
|
default: 10240
|
|
required: true
|
|
# Include{advancedPortHTTP}
|
|
- variable: targetPort
|
|
label: "Target Port"
|
|
description: "The internal(!) port on the container the Application runs on"
|
|
schema:
|
|
type: int
|
|
default: 10240
|
|
# Include{serviceExpertRoot}
|
|
default: false
|
|
# Include{serviceExpert}
|
|
# Include{serviceList}
|
|
# Include{persistenceList}
|
|
# Include{ingressRoot}
|
|
- variable: main
|
|
label: "Main Ingress"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{ingressDefault}
|
|
# Include{ingressTLS}
|
|
# Include{ingressTraefik}
|
|
# Include{ingressExpert}
|
|
# Include{ingressList}
|
|
# Include{security}
|
|
# Include{securityContextAdvancedRoot}
|
|
- variable: privileged
|
|
label: "Privileged mode"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: readOnlyRootFilesystem
|
|
label: "ReadOnly Root Filesystem"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: allowPrivilegeEscalation
|
|
label: "Allow Privilege Escalation"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: runAsNonRoot
|
|
label: "runAsNonRoot"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
# Include{securityContextAdvanced}
|
|
# Include{podSecurityContextRoot}
|
|
- variable: runAsUser
|
|
label: "runAsUser"
|
|
description: "The UserID of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: runAsGroup
|
|
label: "runAsGroup"
|
|
description: "The groupID this App of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: fsGroup
|
|
label: "fsGroup"
|
|
description: "The group that should own ALL storage."
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
# Include{podSecurityContextAdvanced}
|
|
# Include{resources}
|
|
# Include{advanced}
|
|
# Include{addons}
|
|
# Include{codeserver}
|
|
# Include{promtail}
|
|
# Include{netshoot}
|
|
# Include{vpn}
|
|
# Include{documentation}
|