598 lines
21 KiB
YAML
598 lines
21 KiB
YAML
# Include{groups}
|
|
portals:
|
|
open:
|
|
# Include{portalLink}
|
|
questions:
|
|
# Include{global}
|
|
# Include{controller}
|
|
# Include{controllerDeployment}
|
|
# Include{replicas}
|
|
# Include{replica1}
|
|
# Include{strategy}
|
|
# Include{recreate}
|
|
# Include{controllerExpert}
|
|
# Include{controllerExpertExtraArgs}
|
|
- variable: blocky
|
|
group: Container Configuration
|
|
label: Blocky Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: enableWebUI
|
|
label: Enable Web UI
|
|
description: Enables Web UI
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: enablePrometheus
|
|
label: Enable Prometheus Endpoint
|
|
description: Enables Prometheus Endpoint
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: overrideDefaults
|
|
group: Container Configuration
|
|
label: Override Default Upstreams
|
|
description: Overrides the predefined DNS server upstream list
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: defaultUpstreams
|
|
label: Default Upstreams
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: upstreamEntry
|
|
label: Upstream Entry
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: upstreams
|
|
group: Container Configuration
|
|
label: Upstreams Groups
|
|
description:
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: upstreamsGroupEntry
|
|
label: Upstreams Group Entry
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: name
|
|
label: Group Name
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: upstreams
|
|
label: Upstreams
|
|
schema:
|
|
type: list
|
|
required: true
|
|
default: []
|
|
items:
|
|
- variable: upstreamEntry
|
|
label: upstream Entry
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: conditional
|
|
group: Container Configuration
|
|
label: Conditional
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: rewrite
|
|
label: Rewrite
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: rewriteEntry
|
|
label: Rewrite Entry
|
|
schema:
|
|
type: dict
|
|
additional_attrs: true
|
|
attrs:
|
|
- variable: in
|
|
label: In
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: out
|
|
label: Out
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: mapping
|
|
label: Mapping
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: mappingEntry
|
|
label: Mapping Entry
|
|
schema:
|
|
type: dict
|
|
additional_attrs: true
|
|
attrs:
|
|
- variable: domain
|
|
label: Domain
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: dnsserver
|
|
label: DNS Server
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: blocking
|
|
group: Container Configuration
|
|
label: Blocking
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: blockType
|
|
label: Block Type
|
|
description: Set the response should be sent to the client, if a requested query is blocked
|
|
schema:
|
|
type: string
|
|
default: nxDomain
|
|
- variable: blockTTL
|
|
label: Block TTL
|
|
description: Set the TTL for answers to blocked domains
|
|
schema:
|
|
type: string
|
|
default: 6h
|
|
- variable: refreshPeriod
|
|
label: Refresh Period
|
|
description: Set how often blocky should refresh list cache
|
|
schema:
|
|
type: string
|
|
default: 4h
|
|
- variable: downloadTimeout
|
|
label: Download Timeout
|
|
description: Download attempt timeout
|
|
schema:
|
|
type: string
|
|
default: 60s
|
|
- variable: downloadAttempts
|
|
label: Download Attempts
|
|
description: How many download attempts should be performed
|
|
schema:
|
|
type: int
|
|
default: 3
|
|
- variable: downloadCooldown
|
|
label: Download Cooldown
|
|
description: Time between the download attempts
|
|
schema:
|
|
type: string
|
|
default: 2s
|
|
- variable: failStartOnListError
|
|
label: Fail Start on List Error
|
|
description: Fail to start if at least one list can't be downloaded or opened
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: processingConcurrency
|
|
label: Processing Concurrency
|
|
description: Sets how many list-groups can be processed at the same time
|
|
schema:
|
|
type: int
|
|
default: 4
|
|
- variable: whitelist
|
|
label: Whitelist
|
|
description: Define whitelists, either URL or file
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: whitelistEntry
|
|
label: Whitelist Group Entry
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: name
|
|
label: Group Name
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: lists
|
|
label: Lists
|
|
schema:
|
|
type: list
|
|
required: true
|
|
default: []
|
|
items:
|
|
- variable: listEntry
|
|
label: List Entry
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: blacklist
|
|
label: Blacklist
|
|
description: Define blacklists, either URL or file
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: blacklistEntry
|
|
label: Blacklist Group Entry
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: name
|
|
label: Group Name
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: lists
|
|
label: Lists
|
|
schema:
|
|
type: list
|
|
required: true
|
|
default: []
|
|
items:
|
|
- variable: listEntry
|
|
label: List Entry
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: clientGroupsBlock
|
|
label: Client Groups Block
|
|
description: Define, which blocking group(s) should be used for which client in your network.
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: clientGroupBlockEntry
|
|
label: Client Group Block Entry
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: name
|
|
label: Client Group Name
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: groups
|
|
label: Groups
|
|
schema:
|
|
type: list
|
|
required: true
|
|
default: []
|
|
items:
|
|
- variable: groupEntry
|
|
label: Group Entry
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: k8sgateway
|
|
group: Container Configuration
|
|
label: k8s-Gateway Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: Enable k8s-Gateway
|
|
description: Enables k8s-Gateway
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: domains
|
|
label: Domains
|
|
description: Please refer to CoreDNS docs for options
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: domainEntry
|
|
label: ""
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: domain
|
|
label: Domain name
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: example.com
|
|
- variable: dnsChallenge
|
|
label: Forward dnsChallenge
|
|
description: Optional configuration option for DNS01 challenge that will redirect all acme
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: enabled
|
|
label: Enable
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: domain
|
|
label: Forward to Domain
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: dns01.clouddns.com
|
|
|
|
- variable: advancedOptions
|
|
label: Advanced Options
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_if: [["enabled", "=", "true"]]
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: ttl
|
|
label: ttl
|
|
description: TTL for non-apex responses (in seconds)
|
|
schema:
|
|
type: int
|
|
default: 300
|
|
- variable: watchedResources
|
|
label: Watched Resources
|
|
description: imit what kind of resources to watch, e.g. Ingress
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: watchedResource
|
|
label: Watched Resource
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: secondary
|
|
label: Secondary DNS Server Service
|
|
description: Service name of a secondary DNS server (should be serviceName.namespace)
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: apex
|
|
label: Apex
|
|
description: Override the default `serviceName.namespace` domain apex
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
# Include{containerConfig}
|
|
# Include{serviceRoot}
|
|
- variable: main
|
|
label: Main Service
|
|
description: The Primary service on which the healthcheck runs, often the webUI
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelectorLoadBalancer}
|
|
# Include{serviceSelectorExtras}
|
|
- variable: main
|
|
label: Main Service Port Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: Port
|
|
description: This port exposes the container port on the service
|
|
schema:
|
|
type: int
|
|
default: 10315
|
|
required: true
|
|
# Include{advancedPortHTTP}
|
|
- variable: targetPort
|
|
label: Target Port
|
|
description: The internal(!) port on the container the Application runs on
|
|
schema:
|
|
type: int
|
|
default: 80
|
|
- variable: dns-tcp
|
|
label: DNS TCP Service
|
|
description: The DNS TCP service
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelectorLoadBalancer}
|
|
# Include{serviceSelectorExtras}
|
|
- variable: dns-tcp
|
|
label: DNS TCP Port Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: Port
|
|
description: This port exposes the container port on the service
|
|
schema:
|
|
type: int
|
|
default: 53
|
|
required: true
|
|
# Include{advancedPortTCP}
|
|
- variable: targetPort
|
|
label: Target Port
|
|
description: The internal(!) port on the container the Application runs on
|
|
schema:
|
|
type: int
|
|
default: 53
|
|
- variable: dns-udp
|
|
label: DNS UDP Service
|
|
description: The DNS UDP service
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelectorLoadBalancer}
|
|
# Include{serviceSelectorExtras}
|
|
- variable: dns-udp
|
|
label: DNS UDP Port Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: Port
|
|
description: This port exposes the container port on the service
|
|
schema:
|
|
type: int
|
|
default: 53
|
|
required: true
|
|
# Include{advancedPortUDP}
|
|
- variable: targetPort
|
|
label: Target Port
|
|
description: The internal(!) port on the container the Application runs on
|
|
schema:
|
|
type: int
|
|
default: 53
|
|
- variable: dot
|
|
label: DoT Service
|
|
description: "DNS-over-TLS service"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelectorClusterIP}
|
|
# Include{serviceSelectorExtras}
|
|
- variable: dot
|
|
label: DoT Port Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: Port
|
|
description: This port exposes the container port on the service
|
|
schema:
|
|
type: int
|
|
default: 853
|
|
required: true
|
|
# Include{advancedPortUDP}
|
|
- variable: targetPort
|
|
label: Target Port
|
|
description: The internal(!) port on the container the Application runs on
|
|
schema:
|
|
type: int
|
|
default: 853
|
|
- variable: http
|
|
label: HTTP and Metrics Service
|
|
description: "service for things like metrics, pprof, API, DoH etc"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelectorClusterIP}
|
|
# Include{serviceSelectorExtras}
|
|
- variable: http
|
|
label: HTTP and Metrics Port Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: Port
|
|
description: This port exposes the container port on the service
|
|
schema:
|
|
type: int
|
|
default: 4000
|
|
required: true
|
|
# Include{advancedPortUDP}
|
|
- variable: targetPort
|
|
label: Target Port
|
|
description: The internal(!) port on the container the Application runs on
|
|
schema:
|
|
type: int
|
|
default: 4000
|
|
# Include{serviceExpertRoot}
|
|
default: false
|
|
# Include{serviceExpert}
|
|
# Include{serviceList}
|
|
# Include{persistenceList}
|
|
# Include{ingressRoot}
|
|
- variable: main
|
|
label: Main Ingress
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{ingressDefault}
|
|
# Include{ingressTLS}
|
|
# Include{ingressTraefik}
|
|
# Include{ingressExpert}
|
|
# Include{ingressList}
|
|
# Include{security}
|
|
# Include{securityContextAdvancedRoot}
|
|
- variable: privileged
|
|
label: Privileged mode
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: readOnlyRootFilesystem
|
|
label: ReadOnly Root Filesystem
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: allowPrivilegeEscalation
|
|
label: Allow Privilege Escalation
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: runAsNonRoot
|
|
label: runAsNonRoot
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
# Include{securityContextAdvanced}
|
|
# Include{podSecurityContextRoot}
|
|
- variable: runAsUser
|
|
label: runAsUser
|
|
description: The UserID of the user running the application
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: runAsGroup
|
|
label: runAsGroup
|
|
description: The groupID this App of the user running the application
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: fsGroup
|
|
label: fsGroup
|
|
description: The group that should own ALL storage.
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
# Include{podSecurityContextAdvanced}
|
|
# Include{resources}
|
|
# Include{advanced}
|
|
# Include{addons}
|
|
# Include{documentation}
|