801 lines
28 KiB
YAML
801 lines
28 KiB
YAML
# Include{groups}
|
|
portals:
|
|
open:
|
|
protocols:
|
|
- "$kubernetes-resource_configmap_portal_protocol"
|
|
host:
|
|
- "$kubernetes-resource_configmap_portal_host"
|
|
ports:
|
|
- "$kubernetes-resource_configmap_portal_port"
|
|
questions:
|
|
- variable: portal
|
|
group: "Container Image"
|
|
label: "Configure Portal Button"
|
|
schema:
|
|
type: dict
|
|
hidden: true
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable"
|
|
description: "enable the portal button"
|
|
schema:
|
|
hidden: true
|
|
editable: false
|
|
type: boolean
|
|
default: true
|
|
# Include{global}
|
|
- variable: controller
|
|
group: "Controller"
|
|
label: ""
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: advanced
|
|
label: "Show Advanced Controller Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: type
|
|
description: "Please specify type of workload to deploy"
|
|
label: "(Advanced) Controller Type"
|
|
schema:
|
|
type: string
|
|
default: "deployment"
|
|
required: true
|
|
enum:
|
|
- value: "deployment"
|
|
description: "Deployment"
|
|
- value: "statefulset"
|
|
description: "Statefulset"
|
|
- value: "daemonset"
|
|
description: "Daemonset"
|
|
- variable: replicas
|
|
description: "Number of desired pod replicas"
|
|
label: "Desired Replicas"
|
|
schema:
|
|
type: int
|
|
default: 1
|
|
required: true
|
|
- variable: strategy
|
|
description: "Please specify type of workload to deploy"
|
|
label: "(Advanced) Update Strategy"
|
|
schema:
|
|
type: string
|
|
default: "Recreate"
|
|
required: true
|
|
enum:
|
|
- value: "Recreate"
|
|
description: "Recreate: Kill existing pods before creating new ones"
|
|
- value: "RollingUpdate"
|
|
description: "RollingUpdate: Create new pods and then kill old ones"
|
|
- value: "OnDelete"
|
|
description: "(Legacy) OnDelete: ignore .spec.template changes"
|
|
# Include{controllerExpert}
|
|
|
|
# Include{containerConfig}
|
|
|
|
- variable: synapse
|
|
group: "Container Configuration"
|
|
label: "Synapse Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: loadCustomConfig
|
|
label: "Load Custom Config"
|
|
description: "Load custom config located in /data/custom.yaml"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
|
|
- variable: matrix
|
|
group: "Container Configuration"
|
|
label: "Matrix Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: disabled
|
|
label: "Disable Server Globally"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: disabledMessage
|
|
label: "Disabled Message"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: serverName
|
|
label: "Server Name"
|
|
schema:
|
|
type: string
|
|
default: "example.com"
|
|
- variable: hostname
|
|
label: "Hostname"
|
|
schema:
|
|
type: string
|
|
default: "matrix.example.com"
|
|
- variable: clientBaseUrl
|
|
label: Client Base URL
|
|
# Assigned to `client_base_url` formerly called `riot_base_url`
|
|
description: |
|
|
Custom URL for links within email notifications. If not set links will be
|
|
based on https://matrix.to
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: presence
|
|
label: "Presence"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: blockNonAdminInvites
|
|
label: "Block Non Admin Invites"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: search
|
|
label: "Search"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: encryptByDefault
|
|
label: "Encrypt By Default"
|
|
schema:
|
|
type: string
|
|
default: "invite"
|
|
enum:
|
|
- value: "off"
|
|
description: "off"
|
|
- value: "invite"
|
|
description: "invite"
|
|
- value: "all"
|
|
description: "all"
|
|
- variable: adminEmail
|
|
label: "Admin Email"
|
|
schema:
|
|
type: string
|
|
default: "admin@example.com"
|
|
- variable: uploads
|
|
label: "Uploads Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: maxSize
|
|
label: "Max Size"
|
|
schema:
|
|
type: string
|
|
default: "10M"
|
|
- variable: maxPixels
|
|
label: "Max Pixels"
|
|
schema:
|
|
type: string
|
|
default: "32M"
|
|
- variable: urlPreviews
|
|
label: "URL Previews Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable URL Previews"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: federation
|
|
label: "Federation Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable Federation"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: allowPublicRooms
|
|
label: "Allow Public Rooms"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
# TODO: whitelist:
|
|
# TODO: blacklist:
|
|
- variable: registration
|
|
label: "Registration Configuration"
|
|
# Enabling captcha instead of mail is also an option but currently only
|
|
# mail is configurable.
|
|
description: |
|
|
Enable registration. If enabled requires this will require enabling
|
|
and configuring mail for SMTP.
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable Registration"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: requiresToken
|
|
label: "Requires Token"
|
|
description: "Require users to submit a token during registration."
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: require3PID
|
|
label: "Third Party ID"
|
|
description: "The 3rd party IDs required during registration. (All selected will be required)"
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: medium
|
|
label: "Medium"
|
|
schema:
|
|
type: string
|
|
default: "email"
|
|
enum:
|
|
- value: "email"
|
|
description: "Email"
|
|
- value: "msisdn"
|
|
description: "MSISDN"
|
|
- variable: enable3PIDLookup
|
|
label: "Lookup Third Party ID"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: disableMSISDNRegistration
|
|
label: "Disable MSISDN Registration"
|
|
description: "Override requirement for MSISDN during registration"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: allowedLocal3PIDs
|
|
label: "Allowed Local Third Party IDs"
|
|
description: "Restrict 3PID to specific patterns"
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: allowed
|
|
label: "Allowed Third Party ID"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: medium
|
|
label: "Medium"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: "email"
|
|
enum:
|
|
- value: "email"
|
|
description: "Email"
|
|
- value: "msisdn"
|
|
description: "MSISDN"
|
|
- variable: pattern
|
|
label: "Pattern"
|
|
description: "Regular expression to match against"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
required: true
|
|
- variable: sharedSecret
|
|
label: "Shared Secret"
|
|
description: |
|
|
If set, allows registration of standard or admin accounts by anyone who has the shared secret, even
|
|
if registration is otherwise disabled
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
private: true
|
|
required: true
|
|
# TODO: required3PIDs
|
|
# TODO: autoJoinRooms
|
|
- variable: security
|
|
label: "Security Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: surpressKeyServerWarning
|
|
label: "Surpress Key Server Warning"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: trustedKeyServers
|
|
label: "Truested Key Servers"
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: serverName
|
|
label: "Server Name"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: verifyKeys
|
|
label: "Verify Keys"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: id
|
|
label: "id"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: key
|
|
label: "key"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
private: true
|
|
- variable: acceptKeysInsecurely
|
|
label: "Accept Keys Insecurely"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: logging
|
|
group: "Container Configuration"
|
|
label: "Logging Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# TODO: Find the log levels and make the enum's
|
|
- variable: rootLogLevel
|
|
label: "Root Log Level"
|
|
schema:
|
|
type: string
|
|
default: "WARNING"
|
|
- variable: sqlLogLevel
|
|
label: "Root Log Level"
|
|
schema:
|
|
type: string
|
|
default: "WARNING"
|
|
- variable: sqlLogLevel
|
|
label: "Root Log Level"
|
|
schema:
|
|
type: string
|
|
default: "WARNING"
|
|
|
|
- variable: mail
|
|
group: "Container Configuration"
|
|
label: "Mail Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable Mail"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: from
|
|
label: "From: "
|
|
schema:
|
|
type: string
|
|
default: "Matrix <matrix@example.com>"
|
|
- variable: host
|
|
label: "Host"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: port
|
|
label: "Port"
|
|
schema:
|
|
type: int
|
|
default: 25
|
|
- variable: username
|
|
label: "Username"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: password
|
|
label: "Password"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
private: true
|
|
- variable: requireTransportSecurity
|
|
label: "Require Transport Security"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
|
|
- variable: coturn
|
|
group: "Container Configuration"
|
|
label: "Coturn Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable Coturn"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
|
|
- variable: service
|
|
group: "Networking and Services"
|
|
label: "Configure Service(s)"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: main
|
|
label: "Main Service"
|
|
description: "The Primary service on which the healthcheck runs, often the webUI"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelector}
|
|
- variable: main
|
|
label: "Main Service Port Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Port"
|
|
description: "This port exposes the container port on the service"
|
|
schema:
|
|
type: int
|
|
default: 8008
|
|
required: true
|
|
- variable: advanced
|
|
label: "Show Advanced settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: protocol
|
|
label: "Port Type"
|
|
schema:
|
|
type: string
|
|
default: "HTTP"
|
|
enum:
|
|
- value: HTTP
|
|
description: "HTTP"
|
|
- value: "HTTPS"
|
|
description: "HTTPS"
|
|
- value: TCP
|
|
description: "TCP"
|
|
- value: "UDP"
|
|
description: "UDP"
|
|
- variable: nodePort
|
|
label: "Node Port (Optional)"
|
|
description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer"
|
|
schema:
|
|
type: int
|
|
min: 9000
|
|
max: 65535
|
|
- variable: targetPort
|
|
label: "Target Port"
|
|
description: "The internal(!) port on the container the Application runs on"
|
|
schema:
|
|
type: int
|
|
default: 8008
|
|
- variable: federation
|
|
label: "federation Service"
|
|
description: "The federation service"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelector}
|
|
- variable: federation
|
|
label: "federation Service Port Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Port"
|
|
description: "This port exposes the container port on the service"
|
|
schema:
|
|
type: int
|
|
default: 8448
|
|
required: true
|
|
- variable: advanced
|
|
label: "Show Advanced settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: protocol
|
|
label: "Port Type"
|
|
schema:
|
|
type: string
|
|
default: "HTTP"
|
|
enum:
|
|
- value: HTTP
|
|
description: "HTTP"
|
|
- value: "HTTPS"
|
|
description: "HTTPS"
|
|
- value: TCP
|
|
description: "TCP"
|
|
- value: "UDP"
|
|
description: "UDP"
|
|
- variable: nodePort
|
|
label: "Node Port (Optional)"
|
|
description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer"
|
|
schema:
|
|
type: int
|
|
min: 9000
|
|
max: 65535
|
|
- variable: targetPort
|
|
label: "Target Port"
|
|
description: "The internal(!) port on the container the Application runs on"
|
|
schema:
|
|
type: int
|
|
default: 8008
|
|
|
|
- variable: serviceexpert
|
|
group: "Networking and Services"
|
|
label: "Show Expert Config"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: hostNetwork
|
|
group: "Networking and Services"
|
|
label: "Host-Networking (Complicated)"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
|
|
# Include{serviceExpert}
|
|
|
|
# Include{serviceList}
|
|
|
|
- variable: persistence
|
|
label: "Integrated Persistent Storage"
|
|
description: "Integrated Persistent Storage"
|
|
group: "Storage and Persistence"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: key
|
|
label: "App Key Storage"
|
|
description: "Stores the Application Key."
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: type
|
|
label: "Type of Storage"
|
|
description: "Sets the persistence type, Anything other than PVC could break rollback!"
|
|
schema:
|
|
type: string
|
|
default: "simplePVC"
|
|
enum:
|
|
- value: "simplePVC"
|
|
description: "PVC (simple)"
|
|
- value: "simpleHP"
|
|
description: "HostPath (simple)"
|
|
- value: "emptyDir"
|
|
description: "emptyDir"
|
|
- value: "pvc"
|
|
description: "pvc"
|
|
- value: "hostPath"
|
|
description: "hostPath"
|
|
# Include{persistenceBasic}
|
|
- variable: hostPath
|
|
label: "hostPath"
|
|
description: "Path inside the container the storage is mounted"
|
|
schema:
|
|
show_if: [["type", "=", "hostPath"]]
|
|
type: hostpath
|
|
- variable: medium
|
|
label: "EmptyDir Medium"
|
|
schema:
|
|
show_if: [["type", "=", "emptyDir"]]
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: "Default"
|
|
- value: "Memory"
|
|
description: "Memory"
|
|
# Include{persistenceAdvanced}
|
|
- variable: media
|
|
label: "App Media Storage"
|
|
description: "Stores the Application Media."
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: type
|
|
label: "Type of Storage"
|
|
description: "Sets the persistence type, Anything other than PVC could break rollback!"
|
|
schema:
|
|
type: string
|
|
default: "simplePVC"
|
|
enum:
|
|
- value: "simplePVC"
|
|
description: "PVC (simple)"
|
|
- value: "simpleHP"
|
|
description: "HostPath (simple)"
|
|
- value: "emptyDir"
|
|
description: "emptyDir"
|
|
- value: "pvc"
|
|
description: "pvc"
|
|
- value: "hostPath"
|
|
description: "hostPath"
|
|
# Include{persistenceBasic}
|
|
- variable: hostPath
|
|
label: "hostPath"
|
|
description: "Path inside the container the storage is mounted"
|
|
schema:
|
|
show_if: [["type", "=", "hostPath"]]
|
|
type: hostpath
|
|
- variable: medium
|
|
label: "EmptyDir Medium"
|
|
schema:
|
|
show_if: [["type", "=", "emptyDir"]]
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: "Default"
|
|
- value: "Memory"
|
|
description: "Memory"
|
|
# Include{persistenceAdvanced}
|
|
- variable: uploads
|
|
label: "App Upload Storage"
|
|
description: "Stores the Application Upload."
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: type
|
|
label: "Type of Storage"
|
|
description: "Sets the persistence type, Anything other than PVC could break rollback!"
|
|
schema:
|
|
type: string
|
|
default: "simplePVC"
|
|
enum:
|
|
- value: "simplePVC"
|
|
description: "PVC (simple)"
|
|
- value: "simpleHP"
|
|
description: "HostPath (simple)"
|
|
- value: "emptyDir"
|
|
description: "emptyDir"
|
|
- value: "pvc"
|
|
description: "pvc"
|
|
- value: "hostPath"
|
|
description: "hostPath"
|
|
# Include{persistenceBasic}
|
|
- variable: hostPath
|
|
label: "hostPath"
|
|
description: "Path inside the container the storage is mounted"
|
|
schema:
|
|
show_if: [["type", "=", "hostPath"]]
|
|
type: hostpath
|
|
- variable: medium
|
|
label: "EmptyDir Medium"
|
|
schema:
|
|
show_if: [["type", "=", "emptyDir"]]
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: "Default"
|
|
- value: "Memory"
|
|
description: "Memory"
|
|
# Include{persistenceAdvanced}
|
|
|
|
# Include{persistenceList}
|
|
|
|
- variable: ingress
|
|
label: ""
|
|
group: "Ingress"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: main
|
|
label: "Main Ingress"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{ingressDefault}
|
|
|
|
# Include{ingressTLS}
|
|
|
|
# Include{ingressTraefik}
|
|
|
|
# Include{ingressExpert}
|
|
|
|
# Include{ingressList}
|
|
|
|
# Include{security}
|
|
|
|
- variable: advancedSecurity
|
|
label: "Show Advanced Security Settings"
|
|
group: "Security and Permissions"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: securityContext
|
|
label: "Security Context"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: privileged
|
|
label: "Privileged mode"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: readOnlyRootFilesystem
|
|
label: "ReadOnly Root Filesystem"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: allowPrivilegeEscalation
|
|
label: "Allow Privilege Escalation"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: runAsNonRoot
|
|
label: "runAsNonRoot"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
# Include{securityContextAdvanced}
|
|
|
|
- variable: podSecurityContext
|
|
group: "Security and Permissions"
|
|
label: "Pod Security Context"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: runAsUser
|
|
label: "runAsUser"
|
|
description: "The UserID of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: runAsGroup
|
|
label: "runAsGroup"
|
|
description: "The groupID this App of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: fsGroup
|
|
label: "fsGroup"
|
|
description: "The group that should own ALL storage."
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
|
|
# Include{podSecurityContextAdvanced}
|
|
|
|
# Include{resources}
|
|
|
|
# Include{advanced}
|
|
|
|
# Include{addons}
|