609 lines
22 KiB
YAML
609 lines
22 KiB
YAML
# Include{groups}
|
|
portals:
|
|
open:
|
|
# Include{portalLink}
|
|
questions:
|
|
# Include{global}
|
|
# Include{controller}
|
|
# Include{replicas}
|
|
# Include{replica1}
|
|
# Include{controllerExpertExtraArgs}
|
|
- variable: plik
|
|
group: App Configuration
|
|
label: Plik Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: general
|
|
label: General
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: debug
|
|
label: Debug
|
|
description: Enable debug mode
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: debug_requests
|
|
label: Debug Requests
|
|
description: Log HTTP request and responses
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: log_level
|
|
label: Log Level
|
|
description: Log Level
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: INFO
|
|
enum:
|
|
- value: INFO
|
|
description: Info
|
|
- value: DEBUG
|
|
description: Debug
|
|
- value: WARNING
|
|
description: Warning
|
|
- value: CRITICAL
|
|
description: Critical
|
|
- variable: abuse_contact
|
|
label: Abuse Contact
|
|
description: Abuse contact to be displayed in the footer of the webapp (email address)
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: network
|
|
label: Network
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: download_domain
|
|
label: Download Domain
|
|
description: Enforce download domain (eg https://dl.plik.root.gg). Necessary for quick upload to work.
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: download_domain_alias
|
|
label: Download Domain Alias
|
|
description: Set download domain aliases
|
|
schema:
|
|
type: list
|
|
show_if: [["download_domain", "!=", ""]]
|
|
default: []
|
|
items:
|
|
- variable: alias
|
|
label: Alias Entry
|
|
description:
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: enhanced_web_security
|
|
label: Enhanced Web Security
|
|
description: Enable additional security headers (X-Content-Type-Options, X-XSS-Protection, X-Frame-Options, Content-Security-Policy, Secure Cookies, ...)
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: session_timeout
|
|
label: Session Timeout
|
|
description: Web UI authentication session timeout
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: 365d
|
|
- variable: source_ip_header
|
|
label: Source IP Header
|
|
description: If behind reverse proxy (eg X-FORWARDED-FOR)
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: upload_whitelist
|
|
label: Upload Whitelist
|
|
description: Restrict upload ans user creation to one or more IP range (CIDR notation, /32 can be omitted)
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: ip
|
|
label: IP Entry
|
|
description:
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: files
|
|
label: Files
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: max_file_size
|
|
label: Max File Size
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: 10GB
|
|
- variable: max_files_per_upload
|
|
label: Max Files Per Upload
|
|
schema:
|
|
type: int
|
|
required: true
|
|
default: 1000
|
|
- variable: default_ttl
|
|
label: Default TTL
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: 30d
|
|
- variable: max_ttl
|
|
label: Max TTL
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: 30d
|
|
- variable: data_backend
|
|
label: Data Backend
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: file
|
|
enum:
|
|
- value: file
|
|
description: File
|
|
- value: s3
|
|
description: S3
|
|
- value: gcs
|
|
description: Google Cloud Storage
|
|
- value: swift
|
|
description: Swift
|
|
- variable: gcs
|
|
label: Google Cloud Storage
|
|
schema:
|
|
additional_attrs: true
|
|
show_if: [["data_backend", "=", "gcs"]]
|
|
type: dict
|
|
attrs:
|
|
- variable: bucket
|
|
label: Bucket
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: folder
|
|
label: Folder
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: s3
|
|
label: S3
|
|
schema:
|
|
additional_attrs: true
|
|
show_if: [["data_backend", "=", "s3"]]
|
|
type: dict
|
|
attrs:
|
|
- variable: bucket
|
|
label: Bucket
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: endpoint
|
|
label: Endpoint
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: access_key_id
|
|
label: Access Key ID
|
|
schema:
|
|
type: string
|
|
required: true
|
|
private: true
|
|
default: ""
|
|
- variable: secret_access_key
|
|
label: Secret Access Key
|
|
schema:
|
|
type: string
|
|
required: true
|
|
private: true
|
|
default: ""
|
|
- variable: location
|
|
label: Location
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: prefix
|
|
label: Prefix
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: use_ssl
|
|
label: Use SSL
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: part_size
|
|
label: Part Size
|
|
description: Chunk size when file size is not known. Multiply by 10000 to get the max upload file size.
|
|
schema:
|
|
type: int
|
|
required: true
|
|
default: 16000000
|
|
- variable: sse
|
|
label: SSE
|
|
description: SSE-C - Server-Side-Encryption with customer provided keys (Managed by Plik) / S3 - Server-Side-Encryption using S3 storage encryption (Managed by S3 Backend)
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: None
|
|
- value: SSE-C
|
|
description: SSE-C
|
|
- value: S3
|
|
description: S3
|
|
- variable: swift
|
|
label: Swift
|
|
schema:
|
|
additional_attrs: true
|
|
show_if: [["data_backend", "=", "swift"]]
|
|
type: dict
|
|
attrs:
|
|
- variable: container
|
|
label: Container
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: auth_url
|
|
label: Auth URL
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: https://auth.swiftauthapi.xxx/v2.0/
|
|
- variable: username
|
|
label: Username
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: api_key
|
|
label: API Key
|
|
schema:
|
|
type: string
|
|
required: true
|
|
private: true
|
|
default: ""
|
|
- variable: domain
|
|
label: Domain
|
|
description: Name of the domain (v3 auth only)
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: tenant
|
|
description: Name of the tenant (v2 auth only)
|
|
label: Tenant
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: features
|
|
label: Features
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: authentication
|
|
label: Authentication
|
|
description: disabled -> no authentication / forced -> no anonymous upload / default -> enabled
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: disabled
|
|
enum:
|
|
- value: disabled
|
|
description: Disabled - Feature is always off
|
|
- value: enabled
|
|
description: Enabled - Feature is opt-in
|
|
- value: default
|
|
description: Default - Feature is opt-out
|
|
- value: forced
|
|
description: Forced - Feature is always on
|
|
- variable: one_shot
|
|
label: One Shot
|
|
description: Upload with files that are automatically deleted after the first download
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: enabled
|
|
enum:
|
|
- value: disabled
|
|
description: Disabled - Feature is always off
|
|
- value: enabled
|
|
description: Enabled - Feature is opt-in
|
|
- value: default
|
|
description: Default - Feature is opt-out
|
|
- value: forced
|
|
description: Forced - Feature is always on
|
|
- variable: removable
|
|
label: Removable
|
|
description: Upload with files that anybody can delete
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: enabled
|
|
enum:
|
|
- value: disabled
|
|
description: Disabled - Feature is always off
|
|
- value: enabled
|
|
description: Enabled - Feature is opt-in
|
|
- value: default
|
|
description: Default - Feature is opt-out
|
|
- value: forced
|
|
description: Forced - Feature is always on
|
|
- variable: stream
|
|
label: Stream
|
|
description: Upload with files that are not stored on the server
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: enabled
|
|
enum:
|
|
- value: disabled
|
|
description: Disabled - Feature is always off
|
|
- value: enabled
|
|
description: Enabled - Feature is opt-in
|
|
- value: default
|
|
description: Default - Feature is opt-out
|
|
- value: forced
|
|
description: Forced - Feature is always on
|
|
- variable: password
|
|
label: Password
|
|
description: Upload that are protected by HTTP basic auth login/password
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: enabled
|
|
enum:
|
|
- value: disabled
|
|
description: Disabled - Feature is always off
|
|
- value: enabled
|
|
description: Enabled - Feature is opt-in
|
|
- value: default
|
|
description: Default - Feature is opt-out
|
|
- value: forced
|
|
description: Forced - Feature is always on
|
|
- variable: comments
|
|
label: Comments
|
|
description: Upload with markdown comments / forced -> default
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: enabled
|
|
enum:
|
|
- value: disabled
|
|
description: Disabled - Feature is always off
|
|
- value: enabled
|
|
description: Enabled - Feature is opt-in
|
|
- value: default
|
|
description: Default - Feature is opt-out
|
|
- value: forced
|
|
description: Forced - Feature is always on
|
|
- variable: set_ttl
|
|
label: Set TTL
|
|
description: When disabled upload TTL is always set to DefaultTTL
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: enabled
|
|
enum:
|
|
- value: disabled
|
|
description: Disabled - Feature is always off
|
|
- value: enabled
|
|
description: Enabled - Feature is opt-in
|
|
- value: default
|
|
description: Default - Feature is opt-out
|
|
- value: forced
|
|
description: Forced - Feature is always on
|
|
- variable: extend_ttl
|
|
label: Extend TTL
|
|
description: Extend upload expiration date by TTL each time it is accessed
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: disabled
|
|
enum:
|
|
- value: disabled
|
|
description: Disabled - Feature is always off
|
|
- value: enabled
|
|
description: Enabled - Feature is opt-in
|
|
- value: default
|
|
description: Default - Feature is opt-out
|
|
- value: forced
|
|
description: Forced - Feature is always on
|
|
- variable: clients
|
|
label: Clients
|
|
description: Display the clients download button in the web UI
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: enabled
|
|
enum:
|
|
- value: disabled
|
|
description: Disabled - Feature is always off
|
|
- value: enabled
|
|
description: Enabled - Feature is opt-in
|
|
- value: default
|
|
description: Default - Feature is opt-out
|
|
- value: forced
|
|
description: Forced - Feature is always on
|
|
- variable: github
|
|
label: Github
|
|
description: Display the source code link in the web UI
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: enabled
|
|
enum:
|
|
- value: disabled
|
|
description: Disabled - Feature is always off
|
|
- value: enabled
|
|
description: Enabled - Feature is opt-in
|
|
- value: default
|
|
description: Default - Feature is opt-out
|
|
- value: forced
|
|
description: Forced - Feature is always on
|
|
- variable: third_party
|
|
label: Third Party
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: google_api_client_id
|
|
label: Google API Client ID
|
|
schema:
|
|
type: string
|
|
private: true
|
|
default: ""
|
|
- variable: google_api_secret
|
|
label: Google API Secret
|
|
schema:
|
|
type: string
|
|
private: true
|
|
default: ""
|
|
- variable: google_valid_domains
|
|
label: Google Valid Domains
|
|
description: List of acceptable email domains for users
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: domain
|
|
label: Domain Entry
|
|
description:
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: ovh_api_key
|
|
label: OVH API Key
|
|
schema:
|
|
type: string
|
|
private: true
|
|
default: ""
|
|
- variable: ovh_api_secret
|
|
label: OVH API Secret
|
|
schema:
|
|
type: string
|
|
private: true
|
|
default: ""
|
|
- variable: ovh_api_endpoint
|
|
label: OVH API Secret
|
|
schema:
|
|
type: string
|
|
default: https://eu.api.ovh.com/1.0
|
|
# Include{containerConfig}
|
|
# Include{serviceRoot}
|
|
- variable: main
|
|
label: Main Service
|
|
description: The Primary service on which the healthcheck runs, often the webUI
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelectorLoadBalancer}
|
|
# Include{serviceSelectorExtras}
|
|
- variable: main
|
|
label: Main Service Port Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: Port
|
|
description: This port exposes the container port on the service
|
|
schema:
|
|
type: int
|
|
default: 10599
|
|
required: true
|
|
# Include{serviceExpertRoot}
|
|
default: false
|
|
# Include{serviceExpert}
|
|
# Include{serviceList}
|
|
# Include{persistenceRoot}
|
|
- variable: data
|
|
label: App Data Storage
|
|
description: Stores the Application Data.
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{persistenceBasic}
|
|
# Include{persistenceList}
|
|
# Include{ingressRoot}
|
|
- variable: main
|
|
label: Main Ingress
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{ingressDefault}
|
|
# Include{ingressTLS}
|
|
# Include{ingressTraefik}
|
|
# Include{ingressList}
|
|
# Include{security}
|
|
# Include{securityContextAdvancedRoot}
|
|
- variable: privileged
|
|
label: Privileged mode
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: readOnlyRootFilesystem
|
|
label: ReadOnly Root Filesystem
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: allowPrivilegeEscalation
|
|
label: Allow Privilege Escalation
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: runAsNonRoot
|
|
label: runAsNonRoot
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
# Include{podSecurityContextRoot}
|
|
- variable: runAsUser
|
|
label: runAsUser
|
|
description: The UserID of the user running the application
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: runAsGroup
|
|
label: runAsGroup
|
|
description: The groupID this App of the user running the application
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: fsGroup
|
|
label: fsGroup
|
|
description: The group that should own ALL storage.
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
# Include{podSecurityContextAdvanced}
|
|
# Include{resources}
|
|
# Include{advanced}
|
|
# Include{addons}
|
|
# Include{codeserver}
|
|
# Include{vpn}
|
|
# Include{documentation}
|