1274 lines
45 KiB
YAML
1274 lines
45 KiB
YAML
# Include{groups}
|
|
portals:
|
|
open:
|
|
protocols:
|
|
- "$kubernetes-resource_configmap_portal_protocol"
|
|
host:
|
|
- "$kubernetes-resource_configmap_portal_host"
|
|
ports:
|
|
- "$kubernetes-resource_configmap_portal_port"
|
|
questions:
|
|
- variable: portal
|
|
group: "Container Image"
|
|
label: "Configure Portal Button"
|
|
schema:
|
|
type: dict
|
|
hidden: true
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable"
|
|
description: "enable the portal button"
|
|
schema:
|
|
hidden: true
|
|
editable: false
|
|
type: boolean
|
|
default: true
|
|
# Include{global}
|
|
- variable: controller
|
|
group: "Controller"
|
|
label: ""
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: advanced
|
|
label: "Show Advanced Controller Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: type
|
|
description: "Please specify type of workload to deploy"
|
|
label: "(Advanced) Controller Type"
|
|
schema:
|
|
type: string
|
|
default: "deployment"
|
|
required: true
|
|
enum:
|
|
- value: "deployment"
|
|
description: "Deployment"
|
|
- value: "statefulset"
|
|
description: "Statefulset"
|
|
- value: "daemonset"
|
|
description: "Daemonset"
|
|
- variable: replicas
|
|
description: "Number of desired pod replicas"
|
|
label: "Desired Replicas"
|
|
schema:
|
|
type: int
|
|
default: 1
|
|
required: true
|
|
- variable: strategy
|
|
description: "Please specify type of workload to deploy"
|
|
label: "(Advanced) Update Strategy"
|
|
schema:
|
|
type: string
|
|
default: "Recreate"
|
|
required: true
|
|
enum:
|
|
- value: "Recreate"
|
|
description: "Recreate: Kill existing pods before creating new ones"
|
|
- value: "RollingUpdate"
|
|
description: "RollingUpdate: Create new pods and then kill old ones"
|
|
- value: "OnDelete"
|
|
description: "(Legacy) OnDelete: ignore .spec.template changes"
|
|
# Include{controllerExpert}
|
|
- variable: env
|
|
group: "Container Configuration"
|
|
label: "Image Environment"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: ROOT_URL
|
|
label: "ROOT_URL"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
required: true
|
|
- variable: BROWSER_POLICY_ENABLED
|
|
label: "BROWSER_POLICY_ENABLED"
|
|
description: "Enable browser policy and allow one trusted URL that can have iframe that has Wekan embedded inside."
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: TRUSTED_URL
|
|
label: "TRUSTED_URL"
|
|
description: "When browser policy is enabled, HTML code at this Trusted URL can have iframe that embeds Wekan inside."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: logoutenabled
|
|
label: "Logout/Login Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: LOGOUT_WITH_TIMER
|
|
label: "LOGOUT_WITH_TIMER"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: LOGOUT_IN
|
|
label: "LOGOUT_IN (Days)"
|
|
schema:
|
|
type: int
|
|
default: 0
|
|
- variable: LOGOUT_ON_HOURS
|
|
label: "LOGOUT_ON_HOURS"
|
|
schema:
|
|
type: int
|
|
default: 0
|
|
- variable: LOGOUT_ON_MINUTES
|
|
label: "LOGOUT_ON_MINUTES"
|
|
schema:
|
|
type: int
|
|
default: 0
|
|
- variable: ACCOUNTS_COMMON_LOGIN_EXPIRATION_IN_DAYS
|
|
label: "ACCOUNTS_COMMON_LOGIN_EXPIRATION_IN_DAYS"
|
|
schema:
|
|
type: int
|
|
default: 90
|
|
- variable: passwordnabled
|
|
label: "Password Brute Force Protection Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE
|
|
label: "ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE"
|
|
schema:
|
|
type: int
|
|
default: 3
|
|
- variable: ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD
|
|
label: "ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD"
|
|
schema:
|
|
type: int
|
|
default: 60
|
|
- variable: ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW
|
|
label: "ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW"
|
|
schema:
|
|
type: int
|
|
default: 15
|
|
- variable: ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE
|
|
label: "ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE"
|
|
schema:
|
|
type: int
|
|
default: 3
|
|
- variable: ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD
|
|
label: "ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD"
|
|
schema:
|
|
type: int
|
|
default: 60
|
|
- variable: ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW
|
|
label: "ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW"
|
|
schema:
|
|
type: int
|
|
default: 15
|
|
- variable: imagenabled
|
|
label: "Image Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: MAX_IMAGE_PIXEL
|
|
label: "MAX_IMAGE_PIXEL"
|
|
schema:
|
|
type: int
|
|
default: 1024
|
|
- variable: IMAGE_COMPRESS_RATIO
|
|
label: "IMAGE_COMPRESS_RATIO"
|
|
schema:
|
|
type: int
|
|
default: 80
|
|
- variable: mailenabled
|
|
label: "Mail Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: MAIL_URL
|
|
label: "MAIL_URL"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: MAIL_SERVICE_USER
|
|
label: "MAIL_SERVICE_USER"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: MAIL_SERVICE_PASSWORD
|
|
label: "MAIL_SERVICE_PASSWORD"
|
|
schema:
|
|
type: string
|
|
private: true
|
|
default: ""
|
|
- variable: MAIL_SERVICE
|
|
label: "MAIL_SERVICE"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: notificationsenabled
|
|
label: "Notifications Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: BIGEVENTS_PATTERN
|
|
label: "BIGEVENTS_PATTERN"
|
|
schema:
|
|
type: string
|
|
default: "NONE"
|
|
- variable: NOTIFICATION_TRAY_AFTER_READ_DAYS_BEFORE_REMOVE
|
|
label: "NOTIFICATION_TRAY_AFTER_READ_DAYS_BEFORE_REMOVE"
|
|
description: "Number of days after a notification is read before we remove it."
|
|
schema:
|
|
type: int
|
|
default: 90
|
|
- variable: EMAIL_NOTIFICATION_TIMEOUT
|
|
label: "EMAIL_NOTIFICATION_TIMEOUT"
|
|
schema:
|
|
type: int
|
|
default: 30000
|
|
- variable: NOTIFY_DUE_DAYS_BEFORE_AND_AFTER
|
|
label: "NOTIFY_DUE_DAYS_BEFORE_AND_AFTER"
|
|
description: "Notify due days, default is None, 2 days before and on the event day"
|
|
schema:
|
|
type: string
|
|
default: "2,0"
|
|
- variable: NOTIFY_DUE_AT_HOUR_OF_DAY
|
|
label: "NOTIFY_DUE_AT_HOUR_OF_DAY"
|
|
description: "Notify due at hour of day."
|
|
schema:
|
|
type: int
|
|
default: 8
|
|
- variable: personalizationenabled
|
|
label: "UX Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: RESULTS_PER_PAGE
|
|
label: "RESULTS_PER_PAGE"
|
|
schema:
|
|
type: int
|
|
default: 20
|
|
required: true
|
|
- variable: RICHER_CARD_COMMENT_EDITOR
|
|
label: "RICHER_CARD_COMMENT_EDITOR"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: CARD_OPENED_WEBHOOK_ENABLED
|
|
label: "CARD_OPENED_WEBHOOK_ENABLED"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: PASSWORD_LOGIN_ENABLED
|
|
label: "PASSWORD_LOGIN_ENABLED"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: WAIT_SPINNER
|
|
label: "WAIT_SPINNER"
|
|
description: "Sets the Wait Spinner animation"
|
|
schema:
|
|
type: string
|
|
default: "Bounce"
|
|
enum:
|
|
- value: "Bounce"
|
|
description: "Bounce"
|
|
- value: "Cube"
|
|
description: "Cube"
|
|
- value: "Cube-Grid"
|
|
description: "Cube-Grid"
|
|
- value: "Dot"
|
|
description: "Dot"
|
|
- value: "Double-Bounce"
|
|
description: "Double-Bounce"
|
|
- value: "Rotateplane"
|
|
description: "Rotateplane"
|
|
- value: "Scaleout"
|
|
description: "Scaleout"
|
|
- value: "Wave"
|
|
description: "Wave"
|
|
- variable: backendenabled
|
|
label: "Backend Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: WITH_API
|
|
label: "WITH_API"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: WEBHOOKS_ATTRIBUTES
|
|
label: "WEBHOOKS_ATTRIBUTES"
|
|
description: "What to send to Outgoing Webhook."
|
|
schema:
|
|
type: string
|
|
default: "cardId,listId,oldListId,boardId,comment,user,card,commentId,swimlaneId,customerField,customFieldValue"
|
|
- variable: corsenabled
|
|
label: "CORS Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: CORS
|
|
label: "CORS"
|
|
schema:
|
|
type: string
|
|
default: "*"
|
|
- variable: CORS_ALLOW_HEADERS
|
|
label: "CORS_ALLOW_HEADERS"
|
|
schema:
|
|
type: string
|
|
default: "Authorization,Content-Type"
|
|
- variable: CORS_EXPOSE_HEADERS
|
|
label: "CORS_EXPOSE_HEADERS"
|
|
schema:
|
|
type: string
|
|
default: "*"
|
|
- variable: matomoenabled
|
|
label: "Matomo Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: MATOMO_ADDRESS
|
|
label: "MATOMO_ADDRESS"
|
|
description: "The address of the server where Matomo is hosted."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: MATOMO_SITE_ID
|
|
label: "MATOMO_SITE_ID"
|
|
description: "The value of the site ID given in Matomo server for Wekan."
|
|
schema:
|
|
type: int
|
|
default: 1
|
|
- variable: MATOMO_DO_NOT_TRACK
|
|
label: "MATOMO_DO_NOT_TRACK"
|
|
description: "The option do not track which enables users to not be tracked by matomo."
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: MATOMO_WITH_USERNAME
|
|
label: "MATOMO_WITH_USERNAME"
|
|
description: "The option that allows matomo to retrieve the username."
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: ORACLE_OIM_ENABLED
|
|
label: "ORACLE_OIM_ENABLED"
|
|
description: "OAUTH2 ORACLE on premise identity manager OIM"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: oatuhncenabled
|
|
label: "OAUTH2 Nextcloud Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: OAUTH2_ENABLED
|
|
label: "OAUTH2_ENABLED"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: OAUTH2_LOGIN_STYLE
|
|
label: "OAUTH2_LOGIN_STYLE"
|
|
description: "OAuth2 login style: popup or redirect."
|
|
schema:
|
|
type: string
|
|
default: "redirect"
|
|
enum:
|
|
- value: "redirect"
|
|
description: "redirect"
|
|
- value: "popup"
|
|
description: "popup"
|
|
- variable: OAUTH2_CLIENT_ID
|
|
label: "OAUTH2_CLIENT_ID"
|
|
description: "Application GUID captured during app registration"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_SECRET
|
|
label: "OAUTH2_SECRET"
|
|
description: "Secret key generated during app registration"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_SERVER_URL
|
|
label: "OAUTH2_SERVER_URL"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_AUTH_ENDPOINT
|
|
label: "OAUTH2_AUTH_ENDPOINT"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_USERINFO_ENDPOINT
|
|
label: "OAUTH2_USERINFO_ENDPOINT"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_TOKEN_ENDPOINT
|
|
label: "OAUTH2_TOKEN_ENDPOINT"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_ID_MAP
|
|
label: "OAUTH2_ID_MAP"
|
|
description: "The claim name you want to map to the unique ID field."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_USERNAME_MAP
|
|
label: "OAUTH2_USERNAME_MAP"
|
|
description: "The claim name you want to map to the username field."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_FULLNAME_MAP
|
|
label: "OAUTH2_FULLNAME_MAP"
|
|
description: "The claim name you want to map to the full name field."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_EMAIL_MAP
|
|
label: "OAUTH2_EMAIL_MAP"
|
|
description: "The claim name you want to map to the email field."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: oatuhkeycloackenabled
|
|
label: "OAUTH2 Keycloack Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: OAUTH2_ENABLED
|
|
label: "OAUTH2_ENABLED"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: OAUTH2_LOGIN_STYLE
|
|
label: "OAUTH2_LOGIN_STYLE"
|
|
description: "OAuth2 login style: popup or redirect."
|
|
schema:
|
|
type: string
|
|
default: "redirect"
|
|
enum:
|
|
- value: "redirect"
|
|
description: "redirect"
|
|
- value: "popup"
|
|
description: "popup"
|
|
- variable: OAUTH2_CLIENT_ID
|
|
label: "OAUTH2_CLIENT_ID"
|
|
description: "Application GUID captured during app registration"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_SECRET
|
|
label: "OAUTH2_SECRET"
|
|
description: "Secret key generated during app registration"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_SERVER_URL
|
|
label: "OAUTH2_SERVER_URL"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_AUTH_ENDPOINT
|
|
label: "OAUTH2_AUTH_ENDPOINT"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_USERINFO_ENDPOINT
|
|
label: "OAUTH2_USERINFO_ENDPOINT"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_TOKEN_ENDPOINT
|
|
label: "OAUTH2_TOKEN_ENDPOINT"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: oatuhdoorkeeperenabled
|
|
label: "OAUTH2 Doorkeeper Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: OAUTH2_ENABLED
|
|
label: "OAUTH2_ENABLED"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: OAUTH2_LOGIN_STYLE
|
|
label: "OAUTH2_LOGIN_STYLE"
|
|
description: "OAuth2 login style: popup or redirect."
|
|
schema:
|
|
type: string
|
|
default: "redirect"
|
|
enum:
|
|
- value: "redirect"
|
|
description: "redirect"
|
|
- value: "popup"
|
|
description: "popup"
|
|
- variable: OAUTH2_CLIENT_ID
|
|
label: "OAUTH2_CLIENT_ID"
|
|
description: "Application GUID captured during app registration"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_SECRET
|
|
label: "OAUTH2_SECRET"
|
|
description: "Secret key generated during app registration"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_SERVER_URL
|
|
label: "OAUTH2_SERVER_URL"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_AUTH_ENDPOINT
|
|
label: "OAUTH2_AUTH_ENDPOINT"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_USERINFO_ENDPOINT
|
|
label: "OAUTH2_USERINFO_ENDPOINT"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_TOKEN_ENDPOINT
|
|
label: "OAUTH2_TOKEN_ENDPOINT"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_ID_TOKEN_WHITELIST_FIELDS
|
|
label: "OAUTH2_ID_TOKEN_WHITELIST_FIELDS"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_REQUEST_PERMISSIONS
|
|
label: "OAUTH2_REQUEST_PERMISSIONS"
|
|
description: "The claim name you want to map to the unique ID field."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_ID_MAP
|
|
label: "OAUTH2_ID_MAP"
|
|
description: "The claim name you want to map to the unique ID field."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_USERNAME_MAP
|
|
label: "OAUTH2_USERNAME_MAP"
|
|
description: "The claim name you want to map to the username field."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_FULLNAME_MAP
|
|
label: "OAUTH2_FULLNAME_MAP"
|
|
description: "The claim name you want to map to the full name field."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_EMAIL_MAP
|
|
label: "OAUTH2_EMAIL_MAP"
|
|
description: "The claim name you want to map to the email field."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: oatuhazureenabled
|
|
label: "OAUTH2 Azure Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: OAUTH2_ENABLED
|
|
label: "OAUTH2_ENABLED"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: OAUTH2_CA_CERT
|
|
label: "OAUTH2_CA_CERT"
|
|
schema:
|
|
type: string
|
|
private: true
|
|
default: ""
|
|
- variable: OAUTH2_ADFS_ENABLED
|
|
label: "OAUTH2_ADFS_ENABLED"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: OAUTH2_LOGIN_STYLE
|
|
label: "OAUTH2_LOGIN_STYLE"
|
|
description: "OAuth2 login style: popup or redirect."
|
|
schema:
|
|
type: string
|
|
default: "redirect"
|
|
enum:
|
|
- value: "redirect"
|
|
description: "redirect"
|
|
- value: "popup"
|
|
description: "popup"
|
|
- variable: OAUTH2_CLIENT_ID
|
|
label: "OAUTH2_CLIENT_ID"
|
|
description: "Application GUID captured during app registration"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_SECRET
|
|
label: "OAUTH2_SECRET"
|
|
description: "Secret key generated during app registration"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_SERVER_URL
|
|
label: "OAUTH2_SERVER_URL"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_AUTH_ENDPOINT
|
|
label: "OAUTH2_AUTH_ENDPOINT"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_USERINFO_ENDPOINT
|
|
label: "OAUTH2_USERINFO_ENDPOINT"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_TOKEN_ENDPOINT
|
|
label: "OAUTH2_TOKEN_ENDPOINT"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_ID_MAP
|
|
label: "OAUTH2_ID_MAP"
|
|
description: "The claim name you want to map to the unique ID field."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_USERNAME_MAP
|
|
label: "OAUTH2_USERNAME_MAP"
|
|
description: "The claim name you want to map to the username field."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_FULLNAME_MAP
|
|
label: "OAUTH2_FULLNAME_MAP"
|
|
description: "The claim name you want to map to the full name field."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: OAUTH2_EMAIL_MAP
|
|
label: "OAUTH2_EMAIL_MAP"
|
|
description: "The claim name you want to map to the email field."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: ldapenabled
|
|
label: "LDAP Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: LDAP_ENABLE
|
|
label: "LDAP_ENABLE"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: DEFAULT_AUTHENTICATION_METHOD
|
|
label: "DEFAULT_AUTHENTICATION_METHOD"
|
|
schema:
|
|
type: string
|
|
default: "ldap"
|
|
- variable: LDAP_PORT
|
|
label: "LDAP_PORT"
|
|
schema:
|
|
type: int
|
|
default: 389
|
|
- variable: LDAP_HOST
|
|
label: "LDAP_HOST"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_AD_SIMPLE_AUTH
|
|
label: "LDAP_AD_SIMPLE_AUTH"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: LDAP_USER_AUTHENTICATION
|
|
label: "LDAP_USER_AUTHENTICATION"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: LDAP_USER_AUTHENTICATION_FIELD
|
|
label: "LDAP_USER_AUTHENTICATION_FIELD"
|
|
schema:
|
|
type: string
|
|
default: "uid"
|
|
- variable: LDAP_DEFAULT_DOMAIN
|
|
label: "LDAP_DEFAULT_DOMAIN"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_BASEDN
|
|
label: "LDAP_BASEDN"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_LOGIN_FALLBACK
|
|
label: "LDAP_LOGIN_FALLBACK"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: LDAP_RECONNECT
|
|
label: "LDAP_RECONNECT"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: LDAP_TIMEOUT
|
|
label: "LDAP_TIMEOUT"
|
|
schema:
|
|
type: int
|
|
default: 10000
|
|
- variable: LDAP_IDLE_TIMEOUT
|
|
label: "LDAP_IDLE_TIMEOUT"
|
|
schema:
|
|
type: int
|
|
default: 10000
|
|
- variable: LDAP_CONNECT_TIMEOUT
|
|
label: "LDAP_CONNECT_TIMEOUT"
|
|
schema:
|
|
type: int
|
|
default: 10000
|
|
- variable: LDAP_AUTHENTIFICATION
|
|
label: "LDAP_AUTHENTIFICATION"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: LDAP_AUTHENTIFICATION_USERDN
|
|
label: "LDAP_AUTHENTIFICATION_USERDN"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_AUTHENTIFICATION_PASSWORD
|
|
label: "LDAP_AUTHENTIFICATION_PASSWORD"
|
|
schema:
|
|
type: string
|
|
private: true
|
|
default: ""
|
|
- variable: LDAP_LOG_ENABLED
|
|
label: "LDAP_LOG_ENABLED"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: LDAP_BACKGROUND_SYNC
|
|
label: "LDAP_BACKGROUND_SYNC"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: LDAP_BACKGROUND_SYNC_INTERVAL
|
|
label: "LDAP_BACKGROUND_SYNC_INTERVAL"
|
|
schema:
|
|
type: string
|
|
default: "every 1 hour"
|
|
- variable: LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED
|
|
label: "LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS
|
|
label: "LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: LDAP_ENCRYPTION
|
|
label: "LDAP_ENCRYPTION"
|
|
schema:
|
|
type: string
|
|
default: "false"
|
|
- variable: LDAP_CA_CERT
|
|
label: "LDAP_CA_CERT"
|
|
schema:
|
|
type: string
|
|
private: true
|
|
default: ""
|
|
- variable: LDAP_REJECT_UNAUTHORIZED
|
|
label: "LDAP_REJECT_UNAUTHORIZED"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: LDAP_USER_SEARCH_FILTER
|
|
label: "LDAP_USER_SEARCH_FILTER"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_USER_SEARCH_SCOPE
|
|
label: "LDAP_USER_SEARCH_SCOPE"
|
|
schema:
|
|
type: string
|
|
default: "one"
|
|
enum:
|
|
- value: "one"
|
|
description: "one"
|
|
- value: "base"
|
|
description: "base"
|
|
- value: "sub"
|
|
description: "sub"
|
|
- variable: LDAP_USER_SEARCH_FIELD
|
|
label: "LDAP_USER_SEARCH_FIELD"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_SEARCH_PAGE_SIZE
|
|
label: "LDAP_SEARCH_PAGE_SIZE"
|
|
schema:
|
|
type: int
|
|
default: 0
|
|
- variable: LDAP_SEARCH_SIZE_LIMIT
|
|
label: "LDAP_SEARCH_SIZE_LIMIT"
|
|
schema:
|
|
type: int
|
|
default: 0
|
|
- variable: LDAP_GROUP_FILTER_ENABLE
|
|
label: "LDAP_GROUP_FILTER_ENABLE"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: LDAP_GROUP_FILTER_OBJECTCLASS
|
|
label: "LDAP_GROUP_FILTER_OBJECTCLASS"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE
|
|
label: "LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE
|
|
label: "LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT
|
|
label: "LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_GROUP_FILTER_GROUP_NAME
|
|
label: "LDAP_GROUP_FILTER_GROUP_NAME"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_UNIQUE_IDENTIFIER_FIELD
|
|
label: "LDAP_UNIQUE_IDENTIFIER_FIELD"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_UTF8_NAMES_SLUGIFY
|
|
label: "LDAP_UTF8_NAMES_SLUGIFY"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: LDAP_USERNAME_FIELD
|
|
label: "LDAP_USERNAME_FIELD"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_FULLNAME_FIELD
|
|
label: "LDAP_FULLNAME_FIELD"
|
|
schema:
|
|
type: string
|
|
default: "fullname"
|
|
- variable: LDAP_MERGE_EXISTING_USERS
|
|
label: "LDAP_MERGE_EXISTING_USERS"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: LDAP_EMAIL_MATCH_ENABLE
|
|
label: "LDAP_EMAIL_MATCH_ENABLE"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: LDAP_EMAIL_MATCH_REQUIRE
|
|
label: "LDAP_EMAIL_MATCH_REQUIRE"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: LDAP_EMAIL_MATCH_VERIFIED
|
|
label: "LDAP_EMAIL_MATCH_VERIFIED"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: LDAP_EMAIL_FIELD
|
|
label: "LDAP_EMAIL_FIELD"
|
|
schema:
|
|
type: string
|
|
default: "mail"
|
|
- variable: LDAP_SYNC_USER_DATA
|
|
label: "LDAP_SYNC_USER_DATA"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: LDAP_SYNC_USER_DATA_FIELDMAP
|
|
label: "LDAP_SYNC_USER_DATA_FIELDMAP"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_SYNC_GROUP_ROLES
|
|
label: "LDAP_SYNC_GROUP_ROLES"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_SYNC_ADMIN_STATUS
|
|
label: "LDAP_SYNC_ADMIN_STATUS"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: LDAP_SYNC_ADMIN_GROUPS
|
|
label: "LDAP_SYNC_ADMIN_GROUPS"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: headerenabled
|
|
label: "LDAP Header Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: HEADER_LOGIN_ID
|
|
label: "HEADER_LOGIN_ID"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: HEADER_LOGIN_FIRSTNAME
|
|
label: "HEADER_LOGIN_FIRSTNAME"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: HEADER_LOGIN_LASTNAME
|
|
label: "HEADER_LOGIN_LASTNAME"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: HEADER_LOGIN_EMAIL
|
|
label: "HEADER_LOGIN_EMAIL"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: casenabled
|
|
label: "CAS Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: CAS_ENABLED
|
|
label: "CAS_ENABLED"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: CAS_BASE_URL
|
|
label: "CAS_BASE_URL"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: CAS_LOGIN_URL
|
|
label: "CAS_LOGIN_URL"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: CAS_VALIDATE_URL
|
|
label: "CAS_VALIDATE_URL"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: samlenabled
|
|
label: "SAML Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: SAML_ENABLED
|
|
label: "SAML_ENABLED"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: SAML_PROVIDER
|
|
label: "SAML_PROVIDER"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: SAML_ENTRYPOINT
|
|
label: "SAML_ENTRYPOINT"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: SAML_ISSUER
|
|
label: "SAML_ISSUER"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: SAML_CERT
|
|
label: "SAML_CERT"
|
|
schema:
|
|
type: string
|
|
private: true
|
|
default: ""
|
|
- variable: SAML_IDPSLO_REDIRECTURL
|
|
label: "SAML_IDPSLO_REDIRECTURL"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: SAML_PRIVATE_KEYFILE
|
|
label: "SAML_PRIVATE_KEYFILE"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: SAML_PUBLIC_CERTFILE
|
|
label: "SAML_PUBLIC_CERTFILE"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: SAML_IDENTIFIER_FORMAT
|
|
label: "SAML_IDENTIFIER_FORMAT"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: SAML_LOCAL_PROFILE_MATCH_ATTRIBUTE
|
|
label: "SAML_LOCAL_PROFILE_MATCH_ATTRIBUTE"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: SAML_ATTRIBUTES
|
|
label: "SAML_ATTRIBUTES"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
|
|
# Include{containerConfig}
|
|
|
|
- variable: service
|
|
group: "Networking and Services"
|
|
label: "Configure Service(s)"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: main
|
|
label: "Main Service"
|
|
description: "The Primary service on which the healthcheck runs, often the webUI"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelector}
|
|
- variable: main
|
|
label: "Main Service Port Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Port"
|
|
description: "This port exposes the container port on the service"
|
|
schema:
|
|
type: int
|
|
default: 10192
|
|
required: true
|
|
- variable: advanced
|
|
label: "Show Advanced settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: protocol
|
|
label: "Port Type"
|
|
schema:
|
|
type: string
|
|
default: "HTTP"
|
|
enum:
|
|
- value: HTTP
|
|
description: "HTTP"
|
|
- value: "HTTPS"
|
|
description: "HTTPS"
|
|
- value: TCP
|
|
description: "TCP"
|
|
- value: "UDP"
|
|
description: "UDP"
|
|
- variable: nodePort
|
|
label: "Node Port (Optional)"
|
|
description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer"
|
|
schema:
|
|
type: int
|
|
min: 9000
|
|
max: 65535
|
|
- variable: targetPort
|
|
label: "Target Port"
|
|
description: "The internal(!) port on the container the Application runs on"
|
|
schema:
|
|
type: int
|
|
default: 8080
|
|
|
|
- variable: serviceexpert
|
|
group: "Networking and Services"
|
|
label: "Show Expert Config"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: hostNetwork
|
|
group: "Networking and Services"
|
|
label: "Host-Networking (Complicated)"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
|
|
# Include{serviceExpert}
|
|
|
|
# Include{serviceList}
|
|
|
|
- variable: persistence
|
|
label: "Integrated Persistent Storage"
|
|
description: "Integrated Persistent Storage"
|
|
group: "Storage and Persistence"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: data
|
|
label: "App Data Storage"
|
|
description: "Stores the Application Data."
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{persistenceBasic}
|
|
# Include{persistenceAdvanced}
|
|
|
|
# Include{persistenceList}
|
|
|
|
- variable: ingress
|
|
label: ""
|
|
group: "Ingress"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: main
|
|
label: "Main Ingress"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{ingressDefault}
|
|
|
|
# Include{ingressTLS}
|
|
|
|
# Include{ingressTraefik}
|
|
|
|
# Include{ingressExpert}
|
|
|
|
# Include{ingressList}
|
|
|
|
# Include{security}
|
|
|
|
- variable: advancedSecurity
|
|
label: "Show Advanced Security Settings"
|
|
group: "Security and Permissions"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: securityContext
|
|
label: "Security Context"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: privileged
|
|
label: "Privileged mode"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: readOnlyRootFilesystem
|
|
label: "ReadOnly Root Filesystem"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: allowPrivilegeEscalation
|
|
label: "Allow Privilege Escalation"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: runAsNonRoot
|
|
label: "runAsNonRoot"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
# Include{securityContextAdvanced}
|
|
|
|
- variable: podSecurityContext
|
|
group: "Security and Permissions"
|
|
label: "Pod Security Context"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: runAsUser
|
|
label: "runAsUser"
|
|
description: "The UserID of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: runAsGroup
|
|
label: "runAsGroup"
|
|
description: "The groupID this App of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
- variable: fsGroup
|
|
label: "fsGroup"
|
|
description: "The group that should own ALL storage."
|
|
schema:
|
|
type: int
|
|
default: 568
|
|
# Include{podSecurityContextAdvanced}
|
|
|
|
# Include{resources}
|
|
|
|
# Include{advanced}
|
|
|
|
# Include{addons}
|