647 lines
24 KiB
YAML
647 lines
24 KiB
YAML
# Include{groups}
|
|
portals:
|
|
open:
|
|
# Include{portalLink}
|
|
questions:
|
|
# Include{global}
|
|
# Include{controller}
|
|
# Include{controllerDeployment}
|
|
# Include{replicas}
|
|
# Include{replica1}
|
|
# Include{strategy}
|
|
# Include{recreate}
|
|
# Include{controllerExpert}
|
|
# Include{controllerExpertExtraArgs}
|
|
- variable: env
|
|
group: "Container Configuration"
|
|
label: "Image Environment"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: APP_URL
|
|
label: "APP_URL"
|
|
description: "This is the url to your application, beginning with http:// or https:// (if you're running Snipe-IT over SSL). This should not have a trailing slash."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
required: true
|
|
- variable: APP_FORCE_TLS
|
|
label: "APP_FORCE_TLS"
|
|
description: "Force use of HTTPS"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: APP_TRUSTED_PROXIES
|
|
label: "APP_TRUSTED_PROXIES"
|
|
description: "APP_TRUSTED_PROXIES"
|
|
schema:
|
|
type: string
|
|
default: "172.16.0.0/16"
|
|
required: true
|
|
- variable: APP_LOCALE
|
|
label: "APP_LOCALE"
|
|
description: "Set this to reflect the two-letter or 5-letter abbreviation for the language you'd like to use for Snipe-IT"
|
|
schema:
|
|
type: string
|
|
default: "en"
|
|
required: true
|
|
enum:
|
|
- value: "en"
|
|
description: "English (US)"
|
|
- value: "en-GB"
|
|
description: "English (UK)"
|
|
- value: "af"
|
|
description: "Afrikaans"
|
|
- value: "ar"
|
|
description: "Arabic"
|
|
- value: "bg"
|
|
description: "Bulgarian"
|
|
- value: "zh-CN"
|
|
description: "Chinese Simplified"
|
|
- value: "zh-TW"
|
|
description: "Chinese Traditional"
|
|
- value: "hr"
|
|
description: "Croatian"
|
|
- value: "cs"
|
|
description: "Czech"
|
|
- value: "da"
|
|
description: "Danish"
|
|
- value: "nl"
|
|
description: "Dutch"
|
|
- value: "et"
|
|
description: "Estonian"
|
|
- value: "fi"
|
|
description: "Finnish"
|
|
- value: "fr"
|
|
description: "French"
|
|
- value: "de"
|
|
description: "German"
|
|
- value: "el"
|
|
description: "Greek"
|
|
- value: "he"
|
|
description: "Hebrew"
|
|
- value: "hu"
|
|
description: "Hungarian"
|
|
- value: "id"
|
|
description: "Indonesian"
|
|
- value: "en-ID"
|
|
description: "English, Indonesia"
|
|
- value: "ga-IE"
|
|
description: "Irish"
|
|
- value: "it"
|
|
description: "Italian"
|
|
- value: "ja"
|
|
description: "Japanese"
|
|
- value: "ko"
|
|
description: "Korean"
|
|
- value: "lv"
|
|
description: "Latvian"
|
|
- value: "lt"
|
|
description: "Lithuanian"
|
|
- value: "ms"
|
|
description: "Malay"
|
|
- value: "mi"
|
|
description: "Maori"
|
|
- value: "mn"
|
|
description: "Mongolian"
|
|
- value: "no"
|
|
description: "Norwegian"
|
|
- value: "fa"
|
|
description: "Persian"
|
|
- value: "pl"
|
|
description: "Polish"
|
|
- value: "pt-PT"
|
|
description: "Portuguese"
|
|
- value: "pt-BR"
|
|
description: "Portuguese, Brazilian"
|
|
- value: "ro"
|
|
description: "Romanian"
|
|
- value: "ru"
|
|
description: "Russian"
|
|
- value: "es-ES"
|
|
description: "Spanish"
|
|
- value: "es-CO"
|
|
description: "Spanish, Colombia"
|
|
- value: "sv-SE"
|
|
description: "Swedish"
|
|
- value: "ta"
|
|
description: "Tamil"
|
|
- value: "tr"
|
|
description: "Turkish"
|
|
- value: "vi"
|
|
description: "Vietnamese"
|
|
- value: "zu"
|
|
description: "Zulu"
|
|
- variable: IMAGE_LIB
|
|
label: "IMAGE_LIB"
|
|
description: "GD Library or Imagemagick are required to generate barcodes for Snipe-IT"
|
|
schema:
|
|
type: string
|
|
default: "gd"
|
|
required: true
|
|
enum:
|
|
- value: "gd"
|
|
description: "GD Library"
|
|
- value: "imagick"
|
|
description: "ImageMagick"
|
|
- variable: sessionsettings
|
|
label: "Session Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: SESSION_LIFETIME
|
|
label: "SESSION_LIFETIME"
|
|
description: "Specify the time in minutes that the session should remain valid."
|
|
schema:
|
|
type: int
|
|
default: 30
|
|
required: true
|
|
- variable: EXPIRE_ON_CLOSE
|
|
label: "EXPIRE_ON_CLOSE"
|
|
description: "Specify whether or not the logged in session should be expired when the user closes their browser window."
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: ENCRYPT
|
|
label: "ENCRYPT"
|
|
description: "Specify whether you wish to use encrypted cookies for your Snipe-IT sessions."
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: COOKIE_NAME
|
|
label: "COOKIE_NAME"
|
|
description: "If you are running multiple Snipe-IT installs, you should probably set this to a unique name for each one so that your browser doesn't get sessions confused."
|
|
schema:
|
|
type: string
|
|
default: "snipeit_session"
|
|
required: true
|
|
- variable: COOKIE_DOMAIN
|
|
label: "COOKIE_DOMAIN"
|
|
description: "Specify what domain name Snipe-IT should honor cookies from.should be set to whatever the domain name is of your Snipe-IT installation if you choose to use it."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: SECURE_COOKIES
|
|
label: "SECURE_COOKIES"
|
|
description: "By setting this option to true, session cookies will only be sent back to the server if the browser has a HTTPS connection."
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: API_TOKEN_EXPIRATION_YEARS
|
|
label: "API_TOKEN_EXPIRATION_YEARS"
|
|
description: "This sets how long the API tokens should be valid for."
|
|
schema:
|
|
type: int
|
|
default: 40
|
|
required: true
|
|
- variable: loginsettings
|
|
label: "Login Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: LOGIN_MAX_ATTEMPTS
|
|
label: "LOGIN_MAX_ATTEMPTS"
|
|
description: "The maximum number of failed attempts allowed before the user is throttled."
|
|
schema:
|
|
type: int
|
|
default: 5
|
|
required: true
|
|
- variable: LOGIN_LOCKOUT_DURATION
|
|
label: "LOGIN_LOCKOUT_DURATION"
|
|
description: " The duration (in seconds) that the user should be blocked from attempting to authenticate again."
|
|
schema:
|
|
type: int
|
|
default: 60
|
|
required: true
|
|
- variable: miscsettings
|
|
label: "Misc Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: ALLOW_IFRAMING
|
|
label: "ALLOW_IFRAMING"
|
|
description: "Set this to true if you need to run Snipe-IT within an iframe."
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: APP_ALLOW_INSECURE_HOSTS
|
|
label: "APP_ALLOW_INSECURE_HOSTS"
|
|
description: "Set this to this to true ONLY if you if you cannot make your APP_URL match the actual URL of your application, and your hosting environment is secure and not accessible to the outside world."
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: GOOGLE_MAPS_API
|
|
label: "GOOGLE_MAPS_API"
|
|
description: "Include your Google Maps API key here if you'd like Snipe-IT to load maps from Google on your locations and suppliers pages."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: LDAP_MEM_LIM
|
|
label: "LDAP_MEM_LIM"
|
|
description: "Memory limit for LDAP execution"
|
|
schema:
|
|
type: string
|
|
default: "500M"
|
|
required: true
|
|
- variable: LDAP_TIME_LIM
|
|
label: "LDAP_TIME_LIM"
|
|
description: "Time limit for LDAP execution"
|
|
schema:
|
|
type: int
|
|
default: 600
|
|
required: true
|
|
- variable: API_THROTTLE_PER_MINUTE
|
|
label: "API_THROTTLE_PER_MINUTE"
|
|
description: "Number of requests to allow per minute."
|
|
schema:
|
|
type: int
|
|
default: 120
|
|
required: true
|
|
- variable: ENABLE_HSTS
|
|
label: "ENABLE_HSTS"
|
|
description: "HSTS is a web security policy mechanism that helps to protect websites against man-in-the-middle attacks such as protocol downgrade attacks and cookie hijacking."
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: ENABLE_CSP
|
|
label: "ENABLE_CSP"
|
|
description: "Disable the content security policy that restricts what scripts, images and styles can load."
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: CORS_ALLOWED_ORIGINS
|
|
label: "CORS_ALLOWED_ORIGINS"
|
|
schema:
|
|
type: string
|
|
default: "null"
|
|
- variable: REFERRER_POLICY
|
|
label: "REFERRER_POLICY"
|
|
description: "This is an additional security header that browsers use to determine whether they should report back URL referrer information."
|
|
schema:
|
|
type: string
|
|
default: "same-origin"
|
|
- variable: mailsettings
|
|
label: "Mail Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: MAIL_DRIVER
|
|
label: "MAIL_DRIVER"
|
|
description: "Specify the driver you would like to use."
|
|
schema:
|
|
type: string
|
|
default: "log"
|
|
enum:
|
|
- value: "log"
|
|
description: "log"
|
|
- value: "smtp"
|
|
description: "smtp"
|
|
- value: "mail"
|
|
description: "mail"
|
|
- value: "sendmail"
|
|
description: "sendmail"
|
|
- variable: MAIL_HOST
|
|
label: "MAIL_HOST"
|
|
description: "Specify the hostname for your outgoing mail server. Keep in mind that this server must be accessible from the server you're running Snipe-IT on."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: MAIL_PORT
|
|
label: "MAIL_PORT"
|
|
description: "Set the port number that your mail server expects to send from."
|
|
schema:
|
|
type: int
|
|
default: 587
|
|
- variable: MAIL_USERNAME
|
|
label: "MAIL_USERNAME"
|
|
description: "Set the username of the authenticated user you'll be sending email as."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: MAIL_PASSWORD
|
|
label: "MAIL_PASSWORD"
|
|
description: "Set the password for the authenticated user you'll be sending as."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
private: true
|
|
- variable: MAIL_ENCRYPTION
|
|
label: "MAIL_ENCRYPTION"
|
|
description: "Here you may specify the encryption protocol that should be used when the application sends e-mail messages."
|
|
schema:
|
|
type: string
|
|
default: "null"
|
|
enum:
|
|
- value: "null"
|
|
description: "null"
|
|
- value: "tls"
|
|
description: "tls"
|
|
- value: "ssl"
|
|
description: "ssl"
|
|
- variable: MAIL_FROM_ADDR
|
|
label: "MAIL_FROM_ADDR"
|
|
description: "Specify an email address that is used globally for all e-mails that are sent by your application."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: MAIL_FROM_NAME
|
|
label: "MAIL_FROM_NAME"
|
|
description: "Specify the name that should show up in the recipient's inbox when they receive email from your Snipe-IT instance."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: MAIL_REPLYTO_ADDR
|
|
label: "MAIL_REPLYTO_ADDR"
|
|
description: " Specify the address that should be the reply:to on emails from your Snipe-IT instance. This can be the same as your MAIL_FROM_ADDR, but it is required."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: MAIL_REPLYTO_NAME
|
|
label: "MAIL_REPLYTO_NAME"
|
|
description: "Specify the name that should be the reply:to on emails from your Snipe-IT instance. This can be the same as your MAIL_FROM_NAME , but it is required."
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: MAIL_AUTO_EMBED
|
|
label: "MAIL_AUTO_EMBED"
|
|
description: "Whether or not to embed images in emails (via CID or base64) versus linking to them."
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: MAIL_AUTO_EMBED_METHOD
|
|
label: "MAIL_AUTO_EMBED_METHOD"
|
|
description: "Method that should be used for attaching inline images. Options are attachment (for CID) or base64."
|
|
schema:
|
|
type: string
|
|
default: "base64"
|
|
enum:
|
|
- value: "base64"
|
|
description: "base64"
|
|
- value: "attachment"
|
|
description: "attachment"
|
|
- variable: publicawssettings
|
|
label: "Public AWS S3 Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: PUBLIC_AWS_SECRET_ACCESS_KEY
|
|
label: "PUBLIC_AWS_SECRET_ACCESS_KEY"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
private: true
|
|
- variable: PUBLIC_AWS_ACCESS_KEY_ID
|
|
label: "PUBLIC_AWS_ACCESS_KEY_ID"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
private: true
|
|
- variable: PUBLIC_AWS_DEFAULT_REGION
|
|
label: "PUBLIC_AWS_DEFAULT_REGION"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: PUBLIC_AWS_BUCKET
|
|
label: "PUBLIC_AWS_BUCKET"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: PUBLIC_AWS_URL
|
|
label: "PUBLIC_AWS_URL"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: PUBLIC_AWS_BUCKET_ROOT
|
|
label: "PUBLIC_AWS_BUCKET_ROOT"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: privateawssettings
|
|
label: "Private AWS S3 Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: PRIVATE_AWS_SECRET_ACCESS_KEY
|
|
label: "PRIVATE_AWS_SECRET_ACCESS_KEY"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
private: true
|
|
- variable: PRIVATE_AWS_ACCESS_KEY_ID
|
|
label: "PRIVATE_AWS_ACCESS_KEY_ID"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
private: true
|
|
- variable: PRIVATE_AWS_DEFAULT_REGION
|
|
label: "PRIVATE_AWS_DEFAULT_REGION"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: PRIVATE_AWS_BUCKET
|
|
label: "PRIVATE_AWS_BUCKET"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: PRIVATE_AWS_URL
|
|
label: "PRIVATE_AWS_URL"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: PRIVATE_AWS_BUCKET_ROOT
|
|
label: "PRIVATE_AWS_BUCKET_ROOT"
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: loggingsettings
|
|
label: "Logging Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: LOG
|
|
label: "LOG"
|
|
description: "Whether to use a single log file, or multiple date-based log files for your app error logs."
|
|
schema:
|
|
type: string
|
|
default: "daily"
|
|
required: true
|
|
enum:
|
|
- value: "single"
|
|
description: "Single File"
|
|
- value: "daily"
|
|
description: "Daily Files"
|
|
- variable: APP_LOG_MAX_FILES
|
|
label: "APP_LOG_MAX_FILES"
|
|
description: "Max number of daily app log files to retain."
|
|
schema:
|
|
type: int
|
|
default: 10
|
|
required: true
|
|
- variable: APP_DEBUG
|
|
label: "APP_DEBUG"
|
|
description: "Enables App Debug."
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: APP_LOG_LEVEL
|
|
label: "APP_LOG_LEVEL"
|
|
description: "Laravel will log all levels greater than or equal to the specified severity."
|
|
schema:
|
|
type: string
|
|
default: "error"
|
|
required: true
|
|
enum:
|
|
- value: "debug"
|
|
description: "debug"
|
|
- value: "info"
|
|
description: "info"
|
|
- value: "notice"
|
|
description: "notice"
|
|
- value: "warning"
|
|
description: "warning"
|
|
- value: "error"
|
|
description: "error"
|
|
- value: "critical"
|
|
description: "critical"
|
|
- value: "alert"
|
|
description: "alert"
|
|
- value: "emergency"
|
|
description: "emergency"
|
|
# Include{containerConfig}
|
|
# Include{serviceRoot}
|
|
- variable: main
|
|
label: "Main Service"
|
|
description: "The Primary service on which the healthcheck runs, often the webUI"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelector}
|
|
- variable: main
|
|
label: "Main Service Port Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Port"
|
|
description: "This port exposes the container port on the service"
|
|
schema:
|
|
type: int
|
|
default: 10120
|
|
required: true
|
|
# Include{advancedPortHTTP}
|
|
- variable: targetPort
|
|
label: "Target Port"
|
|
description: "The internal(!) port on the container the Application runs on"
|
|
schema:
|
|
type: int
|
|
default: 80
|
|
# Include{serviceExpertRoot}
|
|
default: false
|
|
# Include{serviceExpert}
|
|
# Include{serviceList}
|
|
# Include{persistenceRoot}
|
|
- variable: data
|
|
label: "App Data Storage"
|
|
description: "Stores the Application Data."
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{persistenceBasic}
|
|
# Include{persistenceAdvanced}
|
|
- variable: logs
|
|
label: "App Logs Storage"
|
|
description: "Stores the Application Logs."
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{persistenceBasic}
|
|
# Include{persistenceAdvanced}
|
|
- variable: backups
|
|
label: "App Backups Storage"
|
|
description: "Stores the Application Backups."
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{persistenceBasic}
|
|
# Include{persistenceAdvanced}
|
|
# Include{persistenceList}
|
|
# Include{ingressRoot}
|
|
- variable: main
|
|
label: "Main Ingress"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{ingressDefault}
|
|
# Include{ingressTLS}
|
|
# Include{ingressTraefik}
|
|
# Include{ingressExpert}
|
|
# Include{ingressList}
|
|
# Include{security}
|
|
# Include{securityContextAdvancedRoot}
|
|
- variable: privileged
|
|
label: "Privileged mode"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: readOnlyRootFilesystem
|
|
label: "ReadOnly Root Filesystem"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: allowPrivilegeEscalation
|
|
label: "Allow Privilege Escalation"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: runAsNonRoot
|
|
label: "runAsNonRoot"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
# Include{securityContextAdvanced}
|
|
# Include{podSecurityContextRoot}
|
|
- variable: runAsUser
|
|
label: "runAsUser"
|
|
description: "The UserID of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 0
|
|
- variable: runAsGroup
|
|
label: "runAsGroup"
|
|
description: "The groupID this App of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 1000
|
|
- variable: fsGroup
|
|
label: "fsGroup"
|
|
description: "The group that should own ALL storage."
|
|
schema:
|
|
type: int
|
|
default: 50
|
|
# Include{podSecurityContextAdvanced}
|
|
# Include{resources}
|
|
# Include{advanced}
|
|
# Include{addons}
|
|
# Include{documentation}
|