175 lines
6.1 KiB
YAML
175 lines
6.1 KiB
YAML
# Include{groups}
|
|
portals:
|
|
open:
|
|
# Include{portalLink}
|
|
questions:
|
|
# Include{global}
|
|
# Include{controller}
|
|
# Include{controllerDeployment}
|
|
# Include{replicas}
|
|
# Include{replica1}
|
|
# Include{strategy}
|
|
# Include{recreate}
|
|
# Include{controllerExpert}
|
|
# Include{controllerExpertExtraArgs}
|
|
- variable: env
|
|
group: "Container Configuration"
|
|
label: "Image Environment"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: PASTEY_RESTRICT_PASTING
|
|
label: "PASTEY_RESTRICT_PASTING"
|
|
description: "Enabledisable restricting of pasting to whitelisted users."
|
|
schema:
|
|
type: string
|
|
default: "False"
|
|
- variable: PASTEY_RESTRICT_RAW_PASTING
|
|
label: "PASTEY_RESTRICT_RAW_PASTING"
|
|
description: "Enabledisable restricting of pasting via raw to whitelisted users."
|
|
schema:
|
|
type: string
|
|
default: "True"
|
|
- variable: PASTEY_RATE_LIMIT
|
|
label: "PASTEY_RATE_LIMIT"
|
|
description: "Rate limit for pasting, for non-whitelisted users."
|
|
schema:
|
|
type: string
|
|
default: "5/hour"
|
|
- variable: PASTEY_RECENT_PASTES
|
|
label: "PASTEY_RECENT_PASTES"
|
|
description: "Number of recent pastes to show on the home page."
|
|
schema:
|
|
type: string
|
|
default: "10"
|
|
- variable: PASTEY_BEHIND_PROXY
|
|
label: "PASTEY_BEHIND_PROXY"
|
|
description: "Inform Pastey if it is behind a reverse proxy (nginx, etc.). If this is the case, it will rely on HTTP headers X-Real-IP or X-Forwarded-For. NOTE Make sure your proxy config sets these values."
|
|
schema:
|
|
type: string
|
|
default: "False"
|
|
- variable: PASTEY_USE_WHITELIST
|
|
label: "PASTEY_USE_WHITELIST"
|
|
description: "Enabledisable whitelisting for admin tasks (view recent, delete, config)."
|
|
schema:
|
|
type: string
|
|
default: "True"
|
|
- variable: PASTEY_WHITELIST_CIDR
|
|
label: "PASTEY_WHITELIST_CIDR"
|
|
description: "List of whitelisted IP addresses or networks (in CIDR format)."
|
|
schema:
|
|
type: string
|
|
default: "127.0.0.1/32,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16"
|
|
- variable: PASTEY_GUESS_THRESHOLD
|
|
label: "PASTEY_GUESS_THRESHOLD"
|
|
description: "Threshold for automatic language detection guesses. If a result is below this value, it is treated as Plaintext."
|
|
schema:
|
|
type: string
|
|
default: "0.20"
|
|
# Include{containerConfig}
|
|
# Include{serviceRoot}
|
|
- variable: main
|
|
label: "Main Service"
|
|
description: "The Primary service on which the healthcheck runs, often the webUI"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelectorLoadBalancer}
|
|
# Include{serviceSelectorExtras}
|
|
- variable: main
|
|
label: "Main Service Port Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Port"
|
|
description: "This port exposes the container port on the service"
|
|
schema:
|
|
type: int
|
|
default: 5000
|
|
required: true
|
|
# Include{advancedPortTCP}
|
|
- variable: targetPort
|
|
label: "Target Port"
|
|
description: "The internal(!) port on the container the Application runs on"
|
|
schema:
|
|
type: int
|
|
default: 5000
|
|
# Include{serviceExpertRoot}
|
|
default: false
|
|
# Include{serviceExpert}
|
|
# Include{serviceList}
|
|
# Include{persistenceRoot}
|
|
- variable: data
|
|
label: "data Storage"
|
|
description: "Container Path appdata"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{persistenceBasic}
|
|
# Include{persistenceAdvanced}
|
|
# Include{persistenceList}
|
|
# Include{ingressRoot}
|
|
- variable: main
|
|
label: "Main Ingress"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{ingressDefault}
|
|
# Include{ingressTLS}
|
|
# Include{ingressTraefik}
|
|
# Include{ingressExpert}
|
|
# Include{ingressList}
|
|
# Include{security}
|
|
# Include{securityContextAdvancedRoot}
|
|
- variable: privileged
|
|
label: "Privileged mode"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: readOnlyRootFilesystem
|
|
label: "ReadOnly Root Filesystem"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: allowPrivilegeEscalation
|
|
label: "Allow Privilege Escalation"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: runAsNonRoot
|
|
label: "runAsNonRoot"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
# Include{securityContextAdvanced}
|
|
# Include{podSecurityContextRoot}
|
|
- variable: runAsUser
|
|
label: "runAsUser"
|
|
description: "The UserID of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 0
|
|
- variable: runAsGroup
|
|
label: "runAsGroup"
|
|
description: The groupID this App of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 0
|
|
- variable: fsGroup
|
|
label: "fsGroup"
|
|
description: "The group that should own ALL storage."
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
# Include{podSecurityContextAdvanced}
|
|
# Include{resources}
|
|
# Include{advanced}
|
|
# Include{addons}
|
|
# Include{documentation}
|