946 lines
35 KiB
YAML
946 lines
35 KiB
YAML
groups:
|
|
- name: "Container Image"
|
|
description: "Image to be used for container"
|
|
- name: "Workload Configuration"
|
|
description: "Configure workload deployment"
|
|
- name: "Configuration"
|
|
description: "additional container configuration"
|
|
- name: "Networking"
|
|
description: "Configure Network and Services for container"
|
|
- name: "Storage"
|
|
description: "Persist and share data that is separate from the lifecycle of the container"
|
|
- name: "Resources and Devices"
|
|
description: "Specify resources/devices to be allocated to workload"
|
|
- name: "Ingress Configuration"
|
|
description: "Ingress Configuration"
|
|
- name: "Security"
|
|
description: "Configure security context"
|
|
- name: "Advanced"
|
|
description: "Advanced Configuration"
|
|
- name: "WARNING"
|
|
description: "WARNING"
|
|
portals:
|
|
web_portal:
|
|
protocols:
|
|
- "$kubernetes-resource_configmap_portal_protocol"
|
|
host:
|
|
- "$kubernetes-resource_configmap_portal_host"
|
|
ports:
|
|
- "$kubernetes-resource_configmap_portal_port"
|
|
questions:
|
|
- variable: portal
|
|
group: "Container Image"
|
|
label: "Configure Portal Button"
|
|
schema:
|
|
type: dict
|
|
hidden: true
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable"
|
|
description: "enable the portal button"
|
|
schema:
|
|
hidden: true
|
|
editable: false
|
|
type: boolean
|
|
default: true
|
|
# Update Policy
|
|
- variable: strategyType
|
|
group: "Container Image"
|
|
label: "Update Strategy"
|
|
schema:
|
|
type: string
|
|
default: "Recreate"
|
|
enum:
|
|
- value: "RollingUpdate"
|
|
description: "Create new pods and then kill old ones"
|
|
- value: "Recreate"
|
|
description: "Kill existing pods before creating new ones"
|
|
# Configure Bitwarden:
|
|
- variable: bitwardenrs
|
|
label: ""
|
|
group: "Configuration"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: yubico
|
|
label: "Yubico OPT authentication"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable Yubico OPT authentication"
|
|
description: "Please refer to the manual at: https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-Yubikey-OTP-authentication"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: server
|
|
label: "Yubico server"
|
|
description: "Defaults to YubiCloud"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: clientId
|
|
label: "Yubico ID"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: secretKey
|
|
label: "Yubico Secret Key"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: admin
|
|
label: "Admin Portal"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable Admin Portal"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: disableAdminToken
|
|
label: "Make Accessible Without Password/Token"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: token
|
|
label: "Admin Portal Password/Token"
|
|
description: "Will be automatically generated if not defined"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: icons
|
|
label: "Icon Download Settings"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: disableDownload
|
|
label: "Disable Icon Download"
|
|
description: "Disables download of external icons. Setting to true will still serve icons from cache (/data/icon_cache)"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: cache
|
|
label: "Cache time-to-live"
|
|
description: "Cache time-to-live for icons fetched. 0 means no purging"
|
|
schema:
|
|
type: int
|
|
default: 2592000
|
|
- variable: token
|
|
label: "Failed Downloads Cache time-to-live"
|
|
description: "Cache time-to-live for icons that were not available. 0 means no purging."
|
|
schema:
|
|
type: int
|
|
default: 2592000
|
|
- variable: log
|
|
label: "Logging"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: level
|
|
label: "Log level"
|
|
schema:
|
|
type: string
|
|
default: "info"
|
|
required: true
|
|
enum:
|
|
- value: "trace"
|
|
description: "trace"
|
|
- value: "debug"
|
|
description: "debug"
|
|
- value: "info"
|
|
description: "info"
|
|
- value: "warn"
|
|
description: "warn"
|
|
- value: "error"
|
|
description: "error"
|
|
- value: "off"
|
|
description: "off"
|
|
- variable: file
|
|
label: "Log-File Location"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: smtp
|
|
label: "SMTP Settings (Email)"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable SMTP Support"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: host
|
|
label: "SMTP hostname"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: from
|
|
label: "SMTP sender e-mail address"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: fromName
|
|
label: "SMTP sender name"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: user
|
|
label: "SMTP username"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: password
|
|
label: "SMTP password"
|
|
description: "Required is user is specified, ignored if no user provided"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: ssl
|
|
label: "Enable SSL connection"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: port
|
|
label: "SMTP port"
|
|
description: "Usually: 25 without SSL, 587 with SSL"
|
|
schema:
|
|
type: int
|
|
default: 587
|
|
- variable: authMechanism
|
|
label: "SMTP Authentication Mechanisms"
|
|
description: "Comma-separated options: Plain, Login and Xoauth2"
|
|
schema:
|
|
type: string
|
|
default: "Plain"
|
|
- variable: heloName
|
|
label: "SMTP HELO - Hostname"
|
|
description: "Hostname to be sent for SMTP HELO. Defaults to pod name"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: port
|
|
label: "SMTP timeout"
|
|
schema:
|
|
type: int
|
|
default: 15
|
|
- variable: invalidHostname
|
|
label: "Accept Invalid Hostname"
|
|
description: "Accept SSL session if certificate is valid but hostname doesn't match. DANGEROUS, vulnerable to men-in-the-middle attacks!"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: invalidCertificate
|
|
label: "Accept Invalid Certificate"
|
|
description: "Accept invalid certificates. DANGEROUS, vulnerable to men-in-the-middle attacks!"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: allowSignups
|
|
label: "Allow Signup"
|
|
description: "Allow any user to sign-up: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-registration-of-new-users"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: allowInvitation
|
|
label: "Always allow Invitation"
|
|
description: "Allow invited users to sign-up even feature is disabled: https://github.com/dani-garcia/bitwarden_rs/wiki/Disable-invitations"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: defaultInviteName
|
|
label: "Default Invite Organisation Name"
|
|
description: "Default organization name in invitation e-mails that are not coming from a specific organization."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: showPasswordHint
|
|
label: "Show password hints"
|
|
description: "https://github.com/dani-garcia/bitwarden_rs/wiki/Password-hint-display"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: signupwhitelistenable
|
|
label: "Enable Signup Whitelist"
|
|
description: "allowSignups is ignored if set"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: signupDomains
|
|
label: "Signup Whitelist Domains"
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: domain
|
|
label: "Domain"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: verifySignup
|
|
label: "Verifiy Signup"
|
|
description: "Verify e-mail before login is enabled. SMTP must be enabled"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: requireEmail
|
|
label: "Block Login if email fails"
|
|
description: "When a user logs in an email is required to be sent. If sending the email fails the login attempt will fail. SMTP must be enabled"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: emailAttempts
|
|
label: "Email token reset attempts"
|
|
description: "Maximum attempts before an email token is reset and a new email will need to be sent"
|
|
schema:
|
|
type: int
|
|
default: 3
|
|
- variable: emailTokenExpiration
|
|
label: "Email token validity in seconds"
|
|
schema:
|
|
type: int
|
|
default: 600
|
|
- variable: enableWebsockets
|
|
label: "Enable Websocket Connections"
|
|
description: "Enable Websockets for notification. https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
hidden: true
|
|
- variable: enableWebVault
|
|
label: "Enable Webvault"
|
|
description: "Enable Web Vault (static content). https://github.com/dani-garcia/bitwarden_rs/wiki/Disabling-or-overriding-the-Vault-interface-hosting"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: orgCreationUsers
|
|
label: "Limit Organisation Creation to (users)"
|
|
description: "Restrict creation of orgs. Options are: 'all', 'none' or a comma-separated list of users."
|
|
schema:
|
|
type: string
|
|
default: "all"
|
|
- variable: attachmentLimitOrg
|
|
label: "Limit Attachment Disk Usage per Organisation"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: attachmentLimitUser
|
|
label: "Limit Attachment Disk Usage per User"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: hibpApiKey
|
|
label: "HaveIBeenPwned API Key"
|
|
description: "Can be purchased at https://haveibeenpwned.com/API/Key"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: env
|
|
group: "Configuration"
|
|
label: "Image Environment"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: TZ
|
|
label: "Timezone"
|
|
schema:
|
|
type: string
|
|
default: "Etc/UTC"
|
|
$ref:
|
|
- "definitions/timezone"
|
|
- variable: UMASK
|
|
label: "UMASK"
|
|
description: "Sets the UMASK env var for LinuxServer.io (compatible) containers"
|
|
schema:
|
|
type: string
|
|
default: "002"
|
|
# Configure Enviroment Variables
|
|
- variable: envList
|
|
label: "Image environment"
|
|
group: "Configuration"
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: envItem
|
|
label: "Environment Variable"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: name
|
|
label: "Name"
|
|
schema:
|
|
type: string
|
|
- variable: value
|
|
label: "Value"
|
|
schema:
|
|
type: string
|
|
# Enable Host Networking
|
|
- variable: hostNetwork
|
|
group: "Networking"
|
|
label: "Enable Host Networking"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
hidden: true
|
|
- variable: service
|
|
group: "Networking"
|
|
label: "Configure Service(s)"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: main
|
|
label: "Main Service"
|
|
description: "The Primary service on which the healthcheck runs, often the webUI"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable the service"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
hidden: true
|
|
- variable: type
|
|
label: "Service Type"
|
|
description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer"
|
|
schema:
|
|
type: string
|
|
default: "NodePort"
|
|
enum:
|
|
- value: "NodePort"
|
|
description: "NodePort"
|
|
- value: "ClusterIP"
|
|
description: "ClusterIP"
|
|
- value: "LoadBalancer"
|
|
description: "LoadBalancer"
|
|
- variable: loadBalancerIP
|
|
label: "LoadBalancer IP"
|
|
description: "LoadBalancerIP"
|
|
schema:
|
|
show_if: [["type", "=", "LoadBalancer"]]
|
|
type: string
|
|
default: ""
|
|
- variable: externalIPs
|
|
label: "External IP's"
|
|
description: "External IP's"
|
|
schema:
|
|
show_if: [["type", "=", "LoadBalancer"]]
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: externalIP
|
|
label: "External IP"
|
|
schema:
|
|
type: string
|
|
- variable: ports
|
|
label: "Service's Port(s) Configuration"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: main
|
|
label: "Main Service Port Configuration"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: protocol
|
|
label: "Port Type"
|
|
schema:
|
|
type: string
|
|
default: "HTTP"
|
|
hidden: false
|
|
enum:
|
|
- value: HTTP
|
|
description: "HTTP"
|
|
- value: "HTTPS"
|
|
description: "HTTPS"
|
|
- value: TCP
|
|
description: "TCP"
|
|
- value: "UDP"
|
|
description: "UDP"
|
|
- variable: port
|
|
label: "Container Port"
|
|
schema:
|
|
type: int
|
|
default: 8080
|
|
editable: false
|
|
hidden: true
|
|
- variable: targetport
|
|
label: "Target Port"
|
|
description: "This port exposes the container port on the service"
|
|
schema:
|
|
type: int
|
|
default: 8080
|
|
editable: true
|
|
hidden: false
|
|
required: true
|
|
- variable: nodePort
|
|
label: "Node Port (Optional)"
|
|
description: "This port gets exposed to the node. Only considered when service type is NodePort"
|
|
schema:
|
|
type: int
|
|
min: 9000
|
|
max: 65535
|
|
default: 36000
|
|
required: true
|
|
- variable: ws
|
|
label: "WebSocket Service"
|
|
description: "WebSocket Service"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable the service"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
hidden: true
|
|
- variable: type
|
|
label: "Service Type"
|
|
description: "ClusterIP's are only internally available, nodePorts expose the container to the host node System, Loadbalancer exposes the service using the system loadbalancer"
|
|
schema:
|
|
type: string
|
|
default: "ClusterIP"
|
|
enum:
|
|
- value: "NodePort"
|
|
description: "NodePort"
|
|
- value: "ClusterIP"
|
|
description: "ClusterIP"
|
|
- value: "LoadBalancer"
|
|
description: "LoadBalancer"
|
|
- variable: loadBalancerIP
|
|
label: "LoadBalancer IP"
|
|
description: "LoadBalancerIP"
|
|
schema:
|
|
show_if: [["type", "=", "LoadBalancer"]]
|
|
type: string
|
|
default: ""
|
|
- variable: externalIPs
|
|
label: "External IP's"
|
|
description: "External IP's"
|
|
schema:
|
|
show_if: [["type", "=", "LoadBalancer"]]
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: externalIP
|
|
label: "External IP"
|
|
schema:
|
|
type: string
|
|
- variable: ports
|
|
label: "Service's Port(s) Configuration"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: ws
|
|
label: "WebSocket Service Port Configuration"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: protocol
|
|
label: "Port Type"
|
|
schema:
|
|
type: string
|
|
default: "HTTP"
|
|
hidden: false
|
|
enum:
|
|
- value: HTTP
|
|
description: "HTTP"
|
|
- value: "HTTPS"
|
|
description: "HTTPS"
|
|
- value: TCP
|
|
description: "TCP"
|
|
- value: "UDP"
|
|
description: "UDP"
|
|
- variable: port
|
|
label: "Container Port"
|
|
schema:
|
|
type: int
|
|
default: 3012
|
|
editable: false
|
|
hidden: true
|
|
- variable: targetport
|
|
label: "Target Port"
|
|
description: "This port exposes the container port on the service"
|
|
schema:
|
|
type: int
|
|
default: 3012
|
|
editable: true
|
|
hidden: false
|
|
required: true
|
|
- variable: nodePort
|
|
label: "Node Port (Optional)"
|
|
description: "This port gets exposed to the node. Only considered when service type is NodePort"
|
|
schema:
|
|
type: int
|
|
min: 9000
|
|
max: 65535
|
|
default: 36001
|
|
required: true
|
|
## TrueCharts Specific
|
|
- variable: persistence
|
|
label: "Integrated Persistent Storage"
|
|
description: "Integrated Persistent Storage"
|
|
group: "Storage"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: data
|
|
label: "App Config Storage"
|
|
description: "Stores the Application Configuration."
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable the storage"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
hidden: false
|
|
- variable: storageClass
|
|
label: "Type of Storage"
|
|
description: " Warning: Anything other than SCALE-ZFS will break rollback!"
|
|
schema:
|
|
type: string
|
|
default: "SCALE-ZFS"
|
|
- variable: mountPath
|
|
label: "mountPath"
|
|
description: "Path inside the container the storage is mounted"
|
|
schema:
|
|
type: string
|
|
default: "/data"
|
|
hidden: true
|
|
- variable: emptyDir
|
|
label: "EmptyDir Volume"
|
|
schema:
|
|
type: dict
|
|
hidden: false
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Use emptyDir volume"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
hidden: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: medium
|
|
label: "EmptyDir Medium"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: "Default"
|
|
- value: "Memory"
|
|
description: "Memory"
|
|
- variable: accessMode
|
|
label: "Access Mode (Advanced)"
|
|
description: "Allow or disallow multiple PVC's writhing to the same PVC"
|
|
schema:
|
|
type: string
|
|
default: "ReadWriteOnce"
|
|
enum:
|
|
- value: "ReadWriteOnce"
|
|
description: "ReadWriteOnce"
|
|
- value: "ReadOnlyMany"
|
|
description: "ReadOnlyMany"
|
|
- value: "ReadWriteMany"
|
|
description: "ReadWriteMany"
|
|
- variable: size
|
|
label: "Size quotum of storage"
|
|
schema:
|
|
type: string
|
|
default: "100Gi"
|
|
- variable: db
|
|
label: "Database Storage"
|
|
description: "Stores the Application database."
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable the storage"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
hidden: true
|
|
- variable: nameOverride
|
|
label: "Override PVC Name (advanced)"
|
|
description: "Forces a certain name for the PVC"
|
|
schema:
|
|
type: string
|
|
default: "db"
|
|
hidden: true
|
|
- variable: storageClass
|
|
label: "Type of Storage"
|
|
description: " Warning: Anything other than SCALE-ZFS will break rollback!"
|
|
schema:
|
|
type: string
|
|
default: "SCALE-ZFS"
|
|
- variable: mountPath
|
|
label: "mountPath"
|
|
description: "Path inside the container the storage is mounted"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
hidden: true
|
|
- variable: emptyDir
|
|
label: "EmptyDir Volume"
|
|
schema:
|
|
type: dict
|
|
hidden: false
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Use emptyDir volume"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
hidden: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: medium
|
|
label: "EmptyDir Medium"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: "Default"
|
|
- value: "Memory"
|
|
description: "Memory"
|
|
- variable: accessMode
|
|
label: "Access Mode (Advanced)"
|
|
description: "Allow or disallow multiple PVC's writhing to the same PVC"
|
|
schema:
|
|
type: string
|
|
default: "ReadWriteOnce"
|
|
enum:
|
|
- value: "ReadWriteOnce"
|
|
description: "ReadWriteOnce"
|
|
- value: "ReadOnlyMany"
|
|
description: "ReadOnlyMany"
|
|
- value: "ReadWriteMany"
|
|
description: "ReadWriteMany"
|
|
- variable: size
|
|
label: "Size quotum of storage"
|
|
schema:
|
|
type: string
|
|
default: "100Gi"
|
|
- variable: dbbackup
|
|
label: "Database Backup Storage"
|
|
description: "Stores the Application database backups."
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable the storage"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
hidden: false
|
|
- variable: storageClass
|
|
label: "Type of Storage"
|
|
description: " Warning: Anything other than Internal will break rollback!"
|
|
schema:
|
|
type: string
|
|
default: "SCALE-ZFS"
|
|
- variable: mountPath
|
|
label: "mountPath"
|
|
description: "Path inside the container the storage is mounted"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
hidden: true
|
|
- variable: emptyDir
|
|
label: "EmptyDir Volume"
|
|
schema:
|
|
type: dict
|
|
hidden: false
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Use emptyDir volume"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
hidden: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: medium
|
|
label: "EmptyDir Medium"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: "Default"
|
|
- value: "Memory"
|
|
description: "Memory"
|
|
- variable: accessMode
|
|
label: "Access Mode (Advanced)"
|
|
description: "Allow or disallow multiple PVC's writhing to the same PVC"
|
|
schema:
|
|
type: string
|
|
default: "ReadWriteOnce"
|
|
enum:
|
|
- value: "ReadWriteOnce"
|
|
description: "ReadWriteOnce"
|
|
- value: "ReadOnlyMany"
|
|
description: "ReadOnlyMany"
|
|
- value: "ReadWriteMany"
|
|
description: "ReadWriteMany"
|
|
- variable: size
|
|
label: "Size quotum of storage"
|
|
schema:
|
|
type: string
|
|
default: "100Gi"
|
|
- variable: hostPathMounts
|
|
label: "Custom app storage"
|
|
group: "Storage"
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: volumeMount
|
|
label: "Custom Storage"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enabled"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
required: true
|
|
hidden: true
|
|
editable: false
|
|
- variable: setPermissions
|
|
label: "Automatic Permissions"
|
|
description: "Automatically set permissions on install"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
hidden: false
|
|
- variable: readOnly
|
|
label: "Mount as ReadOnly"
|
|
description: "prevent any write from being done to the mounted volume"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
hidden: false
|
|
- variable: emptyDir
|
|
label: "EmptyDir Volume"
|
|
schema:
|
|
type: dict
|
|
hidden: false
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Use emptyDir volume"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
hidden: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: medium
|
|
label: "EmptyDir Medium"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
enum:
|
|
- value: ""
|
|
description: "Default"
|
|
- value: "Memory"
|
|
description: "Memory"
|
|
- variable: mountPath
|
|
label: "Mount Path"
|
|
description: "Path to mount inside the pod"
|
|
schema:
|
|
type: path
|
|
required: true
|
|
default: ""
|
|
editable: true
|
|
- variable: hostPath
|
|
label: "Host Path"
|
|
description: "Path on the host to mount inside the container, ignored when emptyDir is enabled"
|
|
schema:
|
|
type: hostpath
|
|
required: true
|
|
# Enable privileged
|
|
- variable: securityContext
|
|
group: "Security"
|
|
label: "Security Context"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: privileged
|
|
label: "Enable privileged mode for Common-Chart based charts"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
# Set Pod Security Policy
|
|
- variable: podSecurityContext
|
|
group: "Security"
|
|
label: "Pod Security Context"
|
|
schema:
|
|
type: dict
|
|
attrs:
|
|
- variable: runAsNonRoot
|
|
label: "runAsNonRoot"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: runAsUser
|
|
label: "runAsUser"
|
|
description: "The UserID of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: runAsGroup
|
|
label: "runAsGroup"
|
|
description: The groupID this App of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: supplementalGroups
|
|
label: "supplementalGroups"
|
|
description: "Additional groups this App needs access to"
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: Group
|
|
label: "Group"
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: fsGroup
|
|
label: "fsGroup"
|
|
description: "The group that should own ALL storage."
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: fsGroupChangePolicy
|
|
label: "When should we take ownership?"
|
|
schema:
|
|
type: string
|
|
default: "OnRootMismatch"
|
|
enum:
|
|
- value: "OnRootMismatch"
|
|
description: "OnRootMismatch"
|
|
- value: "Always"
|
|
description: "Always"
|