484 lines
16 KiB
YAML
484 lines
16 KiB
YAML
# Include{groups}
|
|
portals:
|
|
open:
|
|
protocols:
|
|
- "$kubernetes-resource_configmap_portal_protocol"
|
|
host:
|
|
- "$kubernetes-resource_configmap_portal_host"
|
|
ports:
|
|
- "$kubernetes-resource_configmap_portal_port"
|
|
questions:
|
|
- variable: portal
|
|
group: "Container Image"
|
|
label: "Configure Portal Button"
|
|
schema:
|
|
type: dict
|
|
hidden: true
|
|
attrs:
|
|
- variable: enabled
|
|
label: "Enable"
|
|
description: "enable the portal button"
|
|
schema:
|
|
hidden: true
|
|
editable: false
|
|
type: boolean
|
|
default: true
|
|
# Include{global}
|
|
|
|
- variable: controller
|
|
group: "Controller"
|
|
label: ""
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: advanced
|
|
label: "Show Advanced Controller Settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: type
|
|
description: "Please specify type of workload to deploy"
|
|
label: "(Advanced) Controller Type"
|
|
schema:
|
|
type: string
|
|
default: "deployment"
|
|
required: true
|
|
enum:
|
|
- value: "deployment"
|
|
description: "Deployment"
|
|
- value: "statefulset"
|
|
description: "Statefulset"
|
|
- value: "daemonset"
|
|
description: "Daemonset"
|
|
- variable: replicas
|
|
description: "Number of desired pod replicas"
|
|
label: "Desired Replicas"
|
|
schema:
|
|
type: int
|
|
default: 1
|
|
required: true
|
|
- variable: strategy
|
|
description: "Please specify type of workload to deploy"
|
|
label: "(Advanced) Update Strategy"
|
|
schema:
|
|
type: string
|
|
default: "Recreate"
|
|
required: true
|
|
enum:
|
|
- value: "Recreate"
|
|
description: "Recreate: Kill existing pods before creating new ones"
|
|
- value: "RollingUpdate"
|
|
description: "RollingUpdate: Create new pods and then kill old ones"
|
|
- value: "OnDelete"
|
|
description: "(Legacy) OnDelete: ignore .spec.template changes"
|
|
# Include{controllerExpert}
|
|
|
|
- variable: radicale
|
|
group: Container Configuration
|
|
label: Radicale Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: server
|
|
label: Server Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: max_connections
|
|
label: max_connections
|
|
description: The maximum number of parallel connections. Set to 0 to disable the limit.
|
|
schema:
|
|
type: int
|
|
default: 8
|
|
required: true
|
|
- variable: max_content_length
|
|
label: max_content_length
|
|
description: The maximum size of the request body. (bytes)
|
|
schema:
|
|
type: int
|
|
default: 100000000
|
|
required: true
|
|
- variable: timeout
|
|
label: timeout
|
|
description: Socket timeout. (seconds)
|
|
schema:
|
|
type: int
|
|
default: 30
|
|
required: true
|
|
- variable: encoding
|
|
label: Encoding Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: request
|
|
label: request
|
|
description: Encoding for responding requests.
|
|
schema:
|
|
type: string
|
|
default: utf-8
|
|
required: true
|
|
- variable: stock
|
|
label: stock
|
|
description: Encoding for storing local collections.
|
|
schema:
|
|
type: string
|
|
default: utf-8
|
|
required: true
|
|
- variable: auth
|
|
label: Auth Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: type
|
|
label: type
|
|
description: The method to verify usernames and passwords.
|
|
schema:
|
|
type: string
|
|
default: htpasswd
|
|
required: true
|
|
enum:
|
|
- value: none
|
|
description: none
|
|
- value: htpasswd
|
|
description: htpasswd
|
|
- value: http_x_remote_user
|
|
description: http_x_remote_user
|
|
- variable: delay
|
|
label: delay
|
|
description: Average delay after failed login attempts in seconds.
|
|
schema:
|
|
type: int
|
|
default: 1
|
|
required: true
|
|
- variable: realm
|
|
label: realm
|
|
description: Message displayed in the client when a password is needed.
|
|
schema:
|
|
type: string
|
|
default: Radicale - Password Required
|
|
required: true
|
|
- variable: users
|
|
label: Basic Authentication Users (htpasswd)
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: usersEntry
|
|
label: ""
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: username
|
|
label: "Username"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: ""
|
|
- variable: password
|
|
label: "Password"
|
|
schema:
|
|
type: string
|
|
required: true
|
|
private: true
|
|
default: ""
|
|
|
|
- variable: rights
|
|
label: Rights Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: type
|
|
label: type
|
|
description: The backend that is used to check the access rights of collections.
|
|
schema:
|
|
type: string
|
|
default: owner_only
|
|
required: true
|
|
enum:
|
|
- value: authenticated
|
|
description: authenticated
|
|
- value: owner_only
|
|
description: owner_only
|
|
- value: owner_write
|
|
description: owner_write
|
|
- variable: storage
|
|
label: Storage Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: type
|
|
label: type
|
|
description: The backend that is used to store data.
|
|
schema:
|
|
type: string
|
|
default: multifilesystem
|
|
required: true
|
|
enum:
|
|
- value: multifilesystem
|
|
description: multifilesystem
|
|
- value: multifilesystem_nolock
|
|
description: multifilesystem_nolock
|
|
- variable: max_sync_token_age
|
|
label: max_sync_token_age
|
|
description: Delete sync token that are older (seconds)
|
|
schema:
|
|
type: int
|
|
default: 2592000
|
|
required: true
|
|
- variable: web
|
|
label: Web Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: type
|
|
label: type
|
|
description: The backend that provides the web interface of Radicale.
|
|
schema:
|
|
type: string
|
|
default: internal
|
|
required: true
|
|
enum:
|
|
- value: none
|
|
description: none
|
|
- value: internal
|
|
description: internal
|
|
- variable: logging
|
|
label: Logging Configuration
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: level
|
|
label: level
|
|
description: Set the logging level.
|
|
schema:
|
|
type: string
|
|
default: warning
|
|
required: true
|
|
enum:
|
|
- value: debug
|
|
description: debug
|
|
- value: info
|
|
description: info
|
|
- value: warning
|
|
description: warning
|
|
- value: error
|
|
description: error
|
|
- value: critical
|
|
description: critical
|
|
- variable: mask_passwords
|
|
label: mask_passwords
|
|
description: Don't include passwords in logs.
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
|
|
# Include{containerConfig}
|
|
|
|
- variable: service
|
|
group: "Networking and Services"
|
|
label: "Configure Service(s)"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: main
|
|
label: "Main Service"
|
|
description: "The Primary service on which the healthcheck runs, often the webUI"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{serviceSelector}
|
|
- variable: main
|
|
label: "Main Service Port Configuration"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: port
|
|
label: "Port"
|
|
description: "This port exposes the container port on the service"
|
|
schema:
|
|
type: int
|
|
default: 10255
|
|
required: true
|
|
- variable: advanced
|
|
label: "Show Advanced settings"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: protocol
|
|
label: "Port Type"
|
|
schema:
|
|
type: string
|
|
default: "HTTP"
|
|
enum:
|
|
- value: HTTP
|
|
description: "HTTP"
|
|
- value: "HTTPS"
|
|
description: "HTTPS"
|
|
- value: TCP
|
|
description: "TCP"
|
|
- value: "UDP"
|
|
description: "UDP"
|
|
- variable: nodePort
|
|
label: "Node Port (Optional)"
|
|
description: "This port gets exposed to the node. Only considered when service type is NodePort, Simple or LoadBalancer"
|
|
schema:
|
|
type: int
|
|
min: 9000
|
|
max: 65535
|
|
- variable: targetPort
|
|
label: "Target Port"
|
|
description: "The internal(!) port on the container the Application runs on"
|
|
schema:
|
|
type: int
|
|
default: 5232
|
|
|
|
- variable: serviceexpert
|
|
group: "Networking and Services"
|
|
label: "Show Expert Config"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: hostNetwork
|
|
group: "Networking and Services"
|
|
label: "Host-Networking (Complicated)"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
|
|
# Include{serviceExpert}
|
|
|
|
# Include{serviceList}
|
|
|
|
- variable: persistence
|
|
label: "Integrated Persistent Storage"
|
|
description: "Integrated Persistent Storage"
|
|
group: "Storage and Persistence"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: data
|
|
label: "App Data Storage"
|
|
description: "Stores the Application Data."
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
# Include{persistenceBasic}
|
|
# Include{persistenceAdvanced}
|
|
# Include{persistenceList}
|
|
|
|
- variable: ingress
|
|
label: ""
|
|
group: "Ingress"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: main
|
|
label: "Main Ingress"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
|
|
# Include{ingressDefault}
|
|
|
|
# Include{ingressTLS}
|
|
|
|
# Include{ingressTraefik}
|
|
|
|
# Include{ingressExpert}
|
|
|
|
# Include{ingressList}
|
|
|
|
# Include{security}
|
|
|
|
- variable: advancedSecurity
|
|
label: "Show Advanced Security Settings"
|
|
group: "Security and Permissions"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
show_subquestions_if: true
|
|
subquestions:
|
|
- variable: securityContext
|
|
label: "Security Context"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: privileged
|
|
label: "Privileged mode"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: readOnlyRootFilesystem
|
|
label: "ReadOnly Root Filesystem"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: allowPrivilegeEscalation
|
|
label: "Allow Privilege Escalation"
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: runAsNonRoot
|
|
label: "runAsNonRoot"
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
# Include{securityContextAdvanced}
|
|
|
|
- variable: podSecurityContext
|
|
group: "Security and Permissions"
|
|
label: "Pod Security Context"
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: runAsUser
|
|
label: "runAsUser"
|
|
description: "The UserID of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 2999
|
|
- variable: runAsGroup
|
|
label: "runAsGroup"
|
|
description: "The groupID this App of the user running the application"
|
|
schema:
|
|
type: int
|
|
default: 2999
|
|
- variable: fsGroup
|
|
label: "fsGroup"
|
|
description: "The group that should own ALL storage."
|
|
schema:
|
|
type: int
|
|
default: 2999
|
|
# Include{podSecurityContextAdvanced}
|
|
|
|
# Include{resources}
|
|
|
|
# Include{advanced}
|
|
|
|
# Include{addons}
|