282 lines
10 KiB
YAML
282 lines
10 KiB
YAML
# Include{groups}
|
|
portals:
|
|
open:
|
|
# Include{portalLink}
|
|
questions:
|
|
# Include{global}
|
|
# Include{controller}
|
|
# Include{controllerDeployment}
|
|
# Include{replicas}
|
|
# Include{replica1}
|
|
# Include{strategy}
|
|
# Include{recreate}
|
|
# Include{controllerExpert}
|
|
# Include{controllerExpertExtraArgs}
|
|
- variable: env
|
|
group: "Container Configuration"
|
|
label: "Image Environment"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: GRIST_DEFAULT_EMAIL
|
|
label: "GRIST_DEFAULT_EMAIL"
|
|
description: "If set, login as this user if no other credentials presented"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: GRIST_DOMAIN
|
|
label: "GRIST_DOMAIN"
|
|
description: "In hosted Grist, Grist is served from subdomains of this domain"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: GRIST_SUPPORT_ANON
|
|
label: "GRIST_SUPPORT_ANON"
|
|
description: "If set to true, show UI for anonymous access."
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: GRIST_THROTTLE_CPU
|
|
label: "GRIST_THROTTLE_CPU"
|
|
description: "If set, CPU throttling is enabled"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: GRIST_BACKUP_DELAY_SECS
|
|
label: "GRIST_BACKUP_DELAY_SECS"
|
|
description: "Wait this long after a doc change before making a backup"
|
|
schema:
|
|
type: int
|
|
default: 15
|
|
- variable: ALLOWED_WEBHOOK_DOMAINS
|
|
label: "ALLOWED_WEBHOOK_DOMAINS"
|
|
description: "Comma-separated list of permitted domains to use in webhooks"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: enabledsandbox
|
|
label: "Sandbox"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: GRIST_SANDBOX_FLAVOR
|
|
label: "GRIST_SANDBOX_FLAVOR"
|
|
description: "If set, forces Grist to use the specified kind of sandbox."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: "Default"
|
|
- value: "pynbox"
|
|
description: "pynbox"
|
|
- value: "unsandboxed"
|
|
description: "unsandboxed"
|
|
- value: "docker"
|
|
description: "docker"
|
|
- value: "macSandboxExec"
|
|
description: "macSandboxExec"
|
|
- variable: GRIST_SANDBOX
|
|
label: "GRIST_SANDBOX"
|
|
description: "A program or image name to run as the sandbox. See NSandbox.ts for nerdy details."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: PYTHON_VERSION
|
|
label: "PYTHON_VERSION"
|
|
description: "If set, documents without an engine setting are assumed to use the specified version of python. Not all sandboxes support all versions."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: "Default"
|
|
- value: "2"
|
|
description: "2"
|
|
- value: "3"
|
|
description: "3"
|
|
- variable: PYTHON_VERSION_ON_CREATION
|
|
label: "PYTHON_VERSION_ON_CREATION"
|
|
description: "If set, newly created documents have an engine setting set to python2 or python3. Not all sandboxes support all versions."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: "Default"
|
|
- value: "2"
|
|
description: "2"
|
|
- value: "3"
|
|
description: "3"
|
|
- variable: enabledgdrive
|
|
label: "Google Drive Integration"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: GOOGLE_CLIENT_ID
|
|
label: "GOOGLE_CLIENT_ID"
|
|
description: "Set to the Google Client Id to be used with Google API client"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: GOOGLE_CLIENT_SECRET
|
|
label: "GOOGLE_CLIENT_SECRET"
|
|
description: "Set to the Google Client Secret to be used with Google API client"
|
|
schema:
|
|
type: string
|
|
private: true
|
|
default: ""
|
|
- variable: GOOGLE_API_KEY
|
|
label: "GOOGLE_API_KEY"
|
|
description: "Set to the Google API Key to be used with Google API client (accessing public files)"
|
|
schema:
|
|
type: string
|
|
private: true
|
|
default: ""
|
|
- variable: GOOGLE_DRIVE_SCOPE
|
|
label: "GOOGLE_DRIVE_SCOPE"
|
|
description: "Set to the scope requested for Google Drive integration (defaults to drive.file)"
|
|
schema:
|
|
type: string
|
|
private: true
|
|
default: ""
|
|
# Include{containerConfig}
|
|
# Include{serviceRoot}
|
|
- variable: main
|
|
label: "Main Service"
|
|
description: "The Primary service on which the healthcheck runs, often the webUI"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelectorLoadBalancer}
|
|
# Include{serviceSelectorExtras}
|
|
- variable: main
|
|
label: "Main Service Port Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Port"
|
|
description: "This port exposes the container port on the service"
|
|
schema:
|
|
type: int
|
|
default: 10163
|
|
required: true
|
|
# Include{advancedPortHTTP}
|
|
- variable: targetPort
|
|
label: "Target Port"
|
|
description: "The internal(!) port on the container the Application runs on"
|
|
schema:
|
|
type: int
|
|
default: 10163
|
|
- variable: api
|
|
label: "API Service"
|
|
description: "API service"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelectorLoadBalancer}
|
|
# Include{serviceSelectorExtras}
|
|
- variable: api
|
|
label: "API Service Port Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Port"
|
|
description: "This port exposes the container port on the service"
|
|
schema:
|
|
type: int
|
|
default: 10164
|
|
required: true
|
|
# Include{advancedPortHTTP}
|
|
- variable: targetPort
|
|
label: "Target Port"
|
|
description: "The internal(!) port on the container the Application runs on"
|
|
schema:
|
|
type: int
|
|
default: 10164
|
|
# Include{serviceExpertRoot}
|
|
default: false
|
|
# Include{serviceExpert}
|
|
# Include{serviceList}
|
|
# Include{persistenceRoot}
|
|
- variable: persist
|
|
label: "App Persist Storage"
|
|
description: "Stores the Application Persist."
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{persistenceBasic}
|
|
# Include{persistenceAdvanced}
|
|
# Include{persistenceList}
|
|
# Include{ingressRoot}
|
|
- variable: main
|
|
label: "Main Ingress"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{ingressDefault}
|
|
# Include{ingressTLS}
|
|
# Include{ingressTraefik}
|
|
# Include{ingressExpert}
|
|
# Include{ingressList}
|
|
# Include{security}
|
|
# Include{securityContextAdvancedRoot}
|
|
- variable: privileged
|
|
label: "Privileged mode"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: readOnlyRootFilesystem
|
|
label: "ReadOnly Root Filesystem"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: allowPrivilegeEscalation
|
|
label: "Allow Privilege Escalation"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: runAsNonRoot
|
|
label: "runAsNonRoot"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
# Include{securityContextAdvanced}
|
|
# Include{podSecurityContextRoot}
|
|
- variable: runAsUser
|
|
label: "runAsUser"
|
|
description: "The UserID of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 0
|
|
- variable: runAsGroup
|
|
label: "runAsGroup"
|
|
description: "The groupID this App of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 0
|
|
- variable: fsGroup
|
|
label: "fsGroup"
|
|
description: "The group that should own ALL storage."
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
# Include{podSecurityContextAdvanced}
|
|
# Include{resources}
|
|
# Include{advanced}
|
|
# Include{addons}
|
|
# Include{documentation}
|