257 lines
8.9 KiB
YAML
257 lines
8.9 KiB
YAML
# Include{groups}
|
|
portals: {}
|
|
questions:
|
|
# Include{global}
|
|
# Include{controller}
|
|
# Include{controllerDeployment}
|
|
# Include{replicas}
|
|
# Include{replica1}
|
|
# Include{strategy}
|
|
# Include{recreate}
|
|
# Include{controllerExpert}
|
|
# Include{controllerExpertExtraArgs}
|
|
- variable: env
|
|
group: "Container Configuration"
|
|
label: "Image Environment"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: CLAMAV_NO_CLAMD
|
|
label: "NO CLAMD"
|
|
description: "Do not start clamd."
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: CLAMAV_NO_FRESHCLAMD
|
|
label: "NO FRESHCLAMD"
|
|
description: "Do not start the freshclam daemon."
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: CLAMAV_NO_MILTERD
|
|
label: "NO MILTERD"
|
|
description: "Do not start the clamav-milter daemon."
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: CLAMD_STARTUP_TIMEOUT
|
|
label: "STARTUP TIMEOUT"
|
|
description: "Seconds to wait for clamd to start."
|
|
schema:
|
|
type: int
|
|
default: 1800
|
|
- variable: FRESHCLAM_CHECKS
|
|
label: "FRESHCLAM CHECKS "
|
|
description: "Freshclam daily update frequency."
|
|
schema:
|
|
type: int
|
|
default: 1
|
|
- variable: clamav
|
|
group: "Container Configuration"
|
|
label: "ClamAV Cron Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: cron_enabled
|
|
label: "Enable cronjob"
|
|
description: "Enables automatic scan for /scandir"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: cron_schedule
|
|
label: "Cron Schedule"
|
|
description: "Enter a valid cron schedule"
|
|
schema:
|
|
type: string
|
|
default: "@daily"
|
|
required: true
|
|
- variable: log_file_name
|
|
label: "Log File Name"
|
|
description: "Log file name for the scan report. You will find this report in /logs/FILENAME_DATEFORMAT"
|
|
schema:
|
|
type: string
|
|
default: "clamscan_report"
|
|
required: true
|
|
- variable: date_format
|
|
label: "Date Format"
|
|
description: "Date format for the log file"
|
|
schema:
|
|
type: string
|
|
default: "MM-DD-YYYY_HH.MM.SS"
|
|
required: true
|
|
enum:
|
|
- value: "+%m-%d-%Y_%H.%M.%S"
|
|
description: "MM-DD-YYYY_HH.MM.SS"
|
|
- value: "+%Y-%m-%d_%H.%M.%S"
|
|
description: "YYYY-MM-DD_HH.MM.SS"
|
|
- value: "+%H.%M.%S_%m-%d-%Y"
|
|
description: "HH.MM.SS_MM-DD-YYYY"
|
|
- value: "+%H.%M.%S_%Y-%m-%d"
|
|
description: "HH.MM.SS_YYYY-MM-DD"
|
|
- variable: extra_args
|
|
label: "Extra Args"
|
|
description: "Set extra args for clamscan here. (https://linux.die.net/man/1/clamscan). We already set --log, --database and --recursive. Do not add those here."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
# Include{containerConfig}
|
|
# Include{serviceRoot}
|
|
- variable: main
|
|
label: "Main Service"
|
|
description: "The Primary service on which the healthcheck runs, often the webUI"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelectorLoadBalancer}
|
|
# Include{serviceSelectorExtras}
|
|
- variable: main
|
|
label: "Main Service Port Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Port"
|
|
description: "This port exposes the container port on the service"
|
|
schema:
|
|
type: int
|
|
default: 3310
|
|
required: true
|
|
# Include{advancedPortHTTP}
|
|
- variable: targetPort
|
|
label: "Target Port"
|
|
description: "The internal(!) port on the container the Application runs on"
|
|
schema:
|
|
type: int
|
|
default: 3310
|
|
- variable: milter
|
|
label: "Milter Service"
|
|
description: "The Primary service on which the healthcheck runs, often the webUI"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelectorLoadBalancer}
|
|
# Include{serviceSelectorExtras}
|
|
- variable: milter
|
|
label: "Main Service Port Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Port"
|
|
description: "This port exposes the container port on the service"
|
|
schema:
|
|
type: int
|
|
default: 7357
|
|
required: true
|
|
# Include{advancedPortHTTP}
|
|
- variable: targetPort
|
|
label: "Target Port"
|
|
description: "The internal(!) port on the container the Application runs on"
|
|
schema:
|
|
type: int
|
|
default: 7357
|
|
# Include{serviceExpertRoot}
|
|
default: false
|
|
# Include{serviceExpert}
|
|
# Include{serviceList}
|
|
# Include{persistenceRoot}
|
|
- variable: sigdatabase
|
|
label: "App Signature Database Storage"
|
|
description: "Stores the Application Signature Database."
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{persistenceBasic}
|
|
# Include{persistenceAdvanced}
|
|
- variable: scandir
|
|
label: "App Scan Dir Storage"
|
|
description: "Stores the Application Scan Directory. (By default set to readOnly)"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{persistenceBasic}
|
|
# Include{persistenceAdvanced}
|
|
- variable: logs
|
|
label: "App Logs Storage"
|
|
description: "Stores the Application Logs."
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{persistenceBasic}
|
|
# Include{persistenceAdvanced}
|
|
# Include{persistenceList}
|
|
# Include{ingressRoot}
|
|
- variable: main
|
|
label: "Main Ingress"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{ingressDefault}
|
|
# Include{ingressTLS}
|
|
# Include{ingressTraefik}
|
|
# Include{ingressExpert}
|
|
# Include{ingressList}
|
|
# Include{security}
|
|
# Include{securityContextAdvancedRoot}
|
|
- variable: privileged
|
|
label: "Privileged mode"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: readOnlyRootFilesystem
|
|
label: "ReadOnly Root Filesystem"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: allowPrivilegeEscalation
|
|
label: "Allow Privilege Escalation"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: runAsNonRoot
|
|
label: "runAsNonRoot"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
# Include{securityContextAdvanced}
|
|
# Include{podSecurityContextRoot}
|
|
- variable: runAsUser
|
|
label: "runAsUser"
|
|
description: "The UserID of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 0
|
|
- variable: runAsGroup
|
|
label: "runAsGroup"
|
|
description: "The groupID this App of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 0
|
|
- variable: fsGroup
|
|
label: "fsGroup"
|
|
description: "The group that should own ALL storage."
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
# Include{podSecurityContextAdvanced}
|
|
# Include{resources}
|
|
# Include{advanced}
|
|
# Include{addons}
|
|
# Include{codeserver}
|
|
# Include{promtail}
|
|
# Include{netshoot}
|
|
# Include{vpn}
|
|
# Include{documentation}
|